Není spuštěna služba DPS

Zpráva

Pitrs56 · #1 Příspěvek od **Pitrs56** » 10 čer 2012 10:42

Dobrý den,
Včera mi přestal jít internet na druhým počítači (wifi), zkoušel jsem kliknout na odstranit potíže a vyskočilo mi :"Není spuštěna služba DPS(Diagnostic Policy Service.)" Pak jsem přes Služby zkoušel zapnout DPS a napsalo mi :"Systém Windows nemohl v počítači Local Computer spustit službu DPS (Diagnostic policy Service).Chyba 5: Přístup odepřen.."Tak prosím o kontrolu logu z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Labojovi at 2012-06-10 11:33:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 103 GB (68%) free of 153 GB
Total RAM: 4061 MB (66% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\programy\avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {0EBA87B2-0537-4528-8586-CA21766CB0CD}
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\programy\Comodo\Dragon\dragon_updater.exe
taskeng.exe {BA481FA4-74BB-4FA1-802D-EA71D65340A7}
"C:\Program Files\Windows Sidebar\sidebar.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
KBFiltr.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
WDC.exe
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\programy\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Labojovi\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\programy\avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\system32\AUDIODG.EXE 0x49c
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5dde52c5-5ad9-4ca1-b65b-d7c30612c729 -SystemEventPortName:HostProcess-d5624db2-0930-4fc2-a296-2be6eab321a2 -IoCancelEventPortName:HostProcess-8f361ae3-8c8b-4f87-adc5-e31b938da465 -NonStateChangingEventPortName:HostProcess-9086be4d-7104-448e-9987-20ce0040b750 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bdbc790b-2c9b-4043-bdb6-e28a0438dabe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Labojovi\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Labojovi\AppData\Roaming\Mozilla\Firefox\Profiles\ttrgmg6a.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.19"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\programy\firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\programy\firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\programy\firefox\plugins\
npnul32.dll

C:\programy\firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\programy\avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\programy\avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\programy\avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\programy\avast\aswWebRepIE.dll [2011-11-28 809040]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-02-28 1048888]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-09-12 17351304]
"DAEMON Tools Lite"=C:\programy\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"ICQ"=~C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []
"Facebook Update"=C:\Users\Labojovi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-13 137536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"avast"=C:\programy\avast\avastUI.exe [2011-11-28 3744552]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-20 1564368]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-02-16 114992]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-06 72248]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-06 3054136]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe

C:\Users\Labojovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Labojovi\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-10 11:33:28 ----D---- C:\rsit
2012-06-10 11:33:28 ----D---- C:\Program Files\trend micro
2012-05-18 09:30:03 ----SHD---- C:\Config.Msi
2012-05-13 11:58:06 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-13 11:58:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of files/folders modified in the last 1 month======

2012-06-10 11:33:28 ----RD---- C:\Program Files
2012-06-10 11:33:24 ----D---- C:\Windows\Temp
2012-06-10 11:16:31 ----D---- C:\Windows\system32\config
2012-06-10 11:16:23 ----D---- C:\Windows\system32\Tasks
2012-06-10 11:15:53 ----D---- C:\Windows\Tasks
2012-06-10 11:15:52 ----D---- C:\Windows\system32\wbem
2012-06-10 11:15:52 ----D---- C:\Windows
2012-06-10 11:15:17 ----D---- C:\Windows\SYSWOW64\Fast Boot
2012-06-10 11:15:17 ----D---- C:\Windows\system32\Msdtc
2012-06-10 11:15:17 ----D---- C:\Windows\system32\DriverStore
2012-06-10 11:15:17 ----D---- C:\Windows\System32
2012-06-10 11:15:15 ----D---- C:\Windows\system32\catroot2
2012-06-10 11:15:15 ----D---- C:\Windows\security
2012-06-10 11:15:15 ----D---- C:\Windows\registration
2012-06-10 11:15:15 ----D---- C:\Windows\inf
2012-06-10 11:15:15 ----D---- C:\ProgramData\P4G
2012-06-10 11:15:08 ----SD---- C:\ProgramData\Microsoft
2012-06-10 11:13:20 ----SHD---- C:\System Volume Information
2012-06-09 19:31:28 ----D---- C:\Windows\Prefetch
2012-06-09 18:44:53 ----D---- C:\Users\Labojovi\AppData\Roaming\Skype
2012-06-09 17:40:43 ----D---- C:\Windows\system32\FxsTmp
2012-06-07 20:28:24 ----D---- C:\Users\Labojovi\AppData\Roaming\ICQ
2012-06-07 19:32:02 ----D---- C:\ProgramData\CanonIJPLM
2012-06-05 18:42:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-04 21:21:22 ----D---- C:\Windows\system32\catroot
2012-06-02 16:15:27 ----HD---- C:\ProgramData
2012-05-28 10:46:33 ----D---- C:\Users\Labojovi\AppData\Roaming\Mozilla
2012-05-28 10:46:25 ----D---- C:\programy
2012-05-28 10:46:05 ----RD---- C:\Program Files (x86)
2012-05-25 12:38:54 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2012-05-24 19:40:09 ----D---- C:\ProgramData\ICQ
2012-05-23 06:07:09 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-05-22 10:58:41 ----D---- C:\Windows\system32\NDF
2012-05-21 22:09:18 ----SHD---- C:\Windows\Installer
2012-05-21 12:29:01 ----D---- C:\Windows\SysWOW64
2012-05-21 08:23:24 ----D---- C:\Windows\system32\wfp
2012-05-21 08:22:41 ----SD---- C:\Users\Labojovi\AppData\Roaming\Microsoft
2012-05-21 08:22:41 ----D---- C:\Windows\AppCompat
2012-05-21 08:22:39 ----D---- C:\Program Files (x86)\Microsoft Office
2012-05-16 22:57:15 ----D---- C:\Windows\tracing
2012-05-13 12:09:52 ----D---- C:\Windows\winsxs
2012-05-13 11:51:50 ----D---- C:\Program Files (x86)\Windows Live
2012-05-11 08:05:19 ----D---- C:\Windows\Microsoft.NET
2012-05-11 08:05:18 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-29 279616]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-03-23 33344]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\programy\avast\AvastSvc.exe [2011-11-28 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DragonUpdater;COMODO Dragon Update Service; C:\programy\Comodo\Dragon\dragon_updater.exe [2012-05-29 412304]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-20 1564368]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-02-28 247096]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-30 1255736]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 10 čer 2012 10:47

Zdravím!
Pro jistotu dejte log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Pitrs56 · #3 Příspěvek od **Pitrs56** » 10 čer 2012 11:22

Takže zde přikládám log s ComboFixu..Dělalo to asi 30 minut..
Po kontrole jsem zkoušel spustit služby,jestli už pujde zapnout DPS a napsalo mi:
"C:\Windows\system32\services.msc
Pokus použít neplatnou operaci na klíš registru,který je označen pro odstranění"

ComboFix 12-06-09.02 - Labojovi 10.06.2012 11:52:37.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2626 [GMT 2:00]
Spuštěný z: c:\users\Labojovi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
C:\uninstall.exe
c:\windows\SysWow64\DEBUG.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-10 do 2012-06-10 )))))))))))))))))))))))))))))))
.
.
2012-06-10 10:02 . 2012-06-10 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-10 09:33 . 2012-06-10 09:33 -------- d-----w- C:\rsit
2012-06-10 09:33 . 2012-06-10 09:33 -------- d-----w- c:\program files\trend micro
2012-06-09 08:24 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A0D00EB-2723-43F4-90E9-69B19BB76AE9}\mpengine.dll
2012-05-13 09:58 . 2012-05-13 09:58 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 09:58 . 2012-05-13 09:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 06:05 . 2012-05-10 06:25 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-10 06:25 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-10 06:25 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-10 06:25 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-10 06:23 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-23 17:19 . 2012-03-23 17:19 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2012-03-17 07:58 . 2012-05-10 06:24 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2012-02-19 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-02-19 12:46 1337648 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-02-19 1337648]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-09-12 17351304]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Facebook Update"="c:\users\Labojovi\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-04-13 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"avast"="c:\programy\avast\avastUI.exe" [2011-11-28 3744552]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" [2012-03-20 1564368]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-02-16 114992]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728]
.
c:\users\Labojovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Labojovi\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe [2012-5-17 200704]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-10-6 12862]
tmchlang.lnk - c:\program files\Trend Micro\Internet Security\TmChLang.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-28 00:10 35696 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-10-06 09:32 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-10-06 09:32 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 DragonUpdater;COMODO Dragon Update Service;c:\programy\Comodo\Dragon\dragon_updater.exe [2012-05-29 412304]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-20 1564368]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001Core.job
- c:\users\Labojovi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-13 16:23]
.
2012-06-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001UA.job
- c:\users\Labojovi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-13 16:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\programy\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?st=1&barid={7F98E032-9852-46F6-8988-789B5C995823}
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://home.sweetim.com/?st=1&barid={7F98E032-9852-46F6-8988-789B5C995823}
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7F540C33-BD95-4B19-9C5E-E8A441441705}: NameServer = 10.0.31.254,80.82.144.242
FF - ProfilePath - c:\users\Labojovi\AppData\Roaming\Mozilla\Firefox\Profiles\ttrgmg6a.default\
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programy\firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-ICQ - ~c:\program files (x86)\ICQ7.7\ICQ.exe
Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
Toolbar-Locked - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\programy\avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Celkový čas: 2012-06-10 12:19:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-10 10:19
.
Před spuštěním: Volných bajtů: 108 274 597 888
Po spuštění: Volných bajtů: 109 990 531 072
.
- - End Of File - - 53CADA8FDF6F9F230473942917C10FEE

#4 Příspěvek od **Rudy** » 10 čer 2012 11:45

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder:
c:\program files (x86)\SweetIM
c:\users\Labojovi\AppData\Local\Facebook\Update

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001UA.job

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
"Sweetpacks Communicator"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Pitrs56 · #5 Příspěvek od **Pitrs56** » 10 čer 2012 12:36

ComboFix 12-06-09.02 - Labojovi 10.06.2012 13:08:08.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2780 [GMT 2:00]
Spuštěný z: c:\users\Labojovi\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Labojovi\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1001UA.job
.
c:\windows\SysWow64\drivers\ntfs.sys . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-10 do 2012-06-10 )))))))))))))))))))))))))))))))
.
.
2012-06-10 11:25 . 2012-06-10 11:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-10 09:33 . 2012-06-10 09:33 -------- d-----w- C:\rsit
2012-06-10 09:33 . 2012-06-10 09:33 -------- d-----w- c:\program files\trend micro
2012-06-09 08:24 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A0D00EB-2723-43F4-90E9-69B19BB76AE9}\mpengine.dll
2012-05-13 09:58 . 2012-05-13 09:58 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 09:58 . 2012-05-13 09:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 06:05 . 2012-05-10 06:25 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-10 06:25 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-10 06:25 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-10 06:25 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-10 06:23 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-23 17:19 . 2012-03-23 17:19 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2012-03-17 07:58 . 2012-05-10 06:24 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-10_10.06.04 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-06-10 10:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-10 11:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-10 10:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-10 11:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 07:36 . 2012-06-10 10:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 07:36 . 2012-06-10 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-29 07:36 . 2012-06-10 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-29 07:36 . 2012-06-10 10:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-06-10 10:04 . 2012-06-10 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-10 11:25 . 2012-06-10 11:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-10 11:25 . 2012-06-10 11:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-10 10:04 . 2012-06-10 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-29 21:59 . 2012-06-10 09:16 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2012-01-29 21:59 . 2012-06-10 11:05 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2012-06-10 11:26 344064 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-10 10:04 344064 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 05:01 . 2012-06-10 11:25 387992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-10 10:03 387992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-09-12 17351304]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"avast"="c:\programy\avast\avastUI.exe" [2011-11-28 3744552]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" [2012-03-20 1564368]
.
c:\users\Labojovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Labojovi\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe [2012-5-17 200704]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-10-6 12862]
tmchlang.lnk - c:\program files\Trend Micro\Internet Security\TmChLang.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-28 00:10 35696 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-10-06 09:32 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-10-06 09:32 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 DragonUpdater;COMODO Dragon Update Service;c:\programy\Comodo\Dragon\dragon_updater.exe [2012-05-29 412304]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-20 1564368]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\programy\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?st=1&barid={7F98E032-9852-46F6-8988-789B5C995823}
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://home.sweetim.com/?st=1&barid={7F98E032-9852-46F6-8988-789B5C995823}
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7F540C33-BD95-4B19-9C5E-E8A441441705}: NameServer = 10.0.31.254,80.82.144.242
FF - ProfilePath - c:\users\Labojovi\AppData\Roaming\Mozilla\Firefox\Profiles\ttrgmg6a.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programy\firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\programy\avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
.
**************************************************************************
.
Celkový čas: 2012-06-10 13:30:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-10 11:30
ComboFix2.txt 2012-06-10 10:19
.
Před spuštěním: Volných bajtů: 109 764 456 448
Po spuštění: Volných bajtů: 109 450 448 896
.
- - End Of File - - 5144F04CEBDE27D1E885658733459715

#6 Příspěvek od **Rudy** » 10 čer 2012 16:27

Stáhněte, robalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a pak sem zkopírujte log.

Pitrs56 · #7 Příspěvek od **Pitrs56** » 10 čer 2012 16:32

17:30:04.0637 0412 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:30:04.0778 0412 ============================================================
17:30:04.0778 0412 Current date / time: 2012/06/10 17:30:04.0778
17:30:04.0778 0412 SystemInfo:
17:30:04.0778 0412
17:30:04.0778 0412 OS Version: 6.1.7601 ServicePack: 1.0
17:30:04.0778 0412 Product type: Workstation
17:30:04.0778 0412 ComputerName: LABOJOVI-PC
17:30:04.0778 0412 UserName: Labojovi
17:30:04.0778 0412 Windows directory: C:\Windows
17:30:04.0778 0412 System windows directory: C:\Windows
17:30:04.0778 0412 Running under WOW64
17:30:04.0778 0412 Processor architecture: Intel x64
17:30:04.0778 0412 Number of processors: 2
17:30:04.0778 0412 Page size: 0x1000
17:30:04.0778 0412 Boot type: Normal boot
17:30:04.0778 0412 ============================================================
17:30:05.0386 0412 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:05.0386 0412 Drive \Device\Harddisk1\DR1 - Size: 0xEED00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:30:05.0386 0412 ============================================================
17:30:05.0386 0412 \Device\Harddisk0\DR0:
17:30:05.0386 0412 MBR partitions:
17:30:05.0386 0412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B000, BlocksNum 0x12A18C39
17:30:05.0417 0412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14763C78, BlocksNum 0x10CC9A49
17:30:05.0417 0412 \Device\Harddisk1\DR1:
17:30:05.0417 0412 MBR partitions:
17:30:05.0417 0412 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0xC40, BlocksNum 0x775BC0
17:30:05.0417 0412 ============================================================
17:30:05.0449 0412 C: <-> \Device\Harddisk0\DR0\Partition0
17:30:05.0480 0412 D: <-> \Device\Harddisk0\DR0\Partition1
17:30:05.0480 0412 ============================================================
17:30:05.0480 0412 Initialize success
17:30:05.0480 0412 ============================================================
17:30:07.0087 2956 ============================================================
17:30:07.0087 2956 Scan started
17:30:07.0087 2956 Mode: Manual;
17:30:07.0087 2956 ============================================================
17:30:07.0882 2956 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:30:07.0898 2956 1394ohci - ok
17:30:07.0945 2956 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:30:07.0960 2956 ACPI - ok
17:30:08.0007 2956 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:30:08.0007 2956 AcpiPmi - ok
17:30:08.0069 2956 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:30:08.0101 2956 adp94xx - ok
17:30:08.0116 2956 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:30:08.0132 2956 adpahci - ok
17:30:08.0147 2956 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:30:08.0163 2956 adpu320 - ok
17:30:08.0194 2956 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:30:08.0194 2956 AeLookupSvc - ok
17:30:08.0257 2956 AFBAgent (114c042ff784b4c5670290a661799357) C:\Windows\system32\FBAgent.exe
17:30:08.0272 2956 AFBAgent - ok
17:30:08.0397 2956 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:30:08.0413 2956 AFD - ok
17:30:08.0459 2956 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:30:08.0475 2956 agp440 - ok
17:30:08.0522 2956 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:30:08.0522 2956 ALG - ok
17:30:08.0569 2956 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:30:08.0584 2956 aliide - ok
17:30:08.0600 2956 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:30:08.0600 2956 amdide - ok
17:30:08.0647 2956 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:30:08.0647 2956 AmdK8 - ok
17:30:08.0662 2956 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:30:08.0678 2956 AmdPPM - ok
17:30:08.0709 2956 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:30:08.0709 2956 amdsata - ok
17:30:08.0740 2956 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:30:08.0756 2956 amdsbs - ok
17:30:08.0771 2956 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:30:08.0787 2956 amdxata - ok
17:30:08.0818 2956 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
17:30:08.0818 2956 AmUStor - ok
17:30:08.0881 2956 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:30:08.0881 2956 AppID - ok
17:30:08.0912 2956 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:30:08.0912 2956 AppIDSvc - ok
17:30:08.0974 2956 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:30:08.0990 2956 Appinfo - ok
17:30:09.0083 2956 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:30:09.0083 2956 arc - ok
17:30:09.0099 2956 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:30:09.0115 2956 arcsas - ok
17:30:09.0208 2956 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
17:30:09.0208 2956 ASLDRService - ok
17:30:09.0317 2956 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
17:30:09.0317 2956 ASMMAP64 - ok
17:30:09.0349 2956 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
17:30:09.0349 2956 aswFsBlk - ok
17:30:09.0442 2956 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
17:30:09.0442 2956 aswMonFlt - ok
17:30:09.0458 2956 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
17:30:09.0458 2956 aswRdr - ok
17:30:09.0520 2956 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
17:30:09.0520 2956 aswSnx - ok
17:30:09.0551 2956 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
17:30:09.0551 2956 aswSP - ok
17:30:09.0583 2956 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
17:30:09.0583 2956 aswTdi - ok
17:30:09.0645 2956 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:09.0645 2956 AsyncMac - ok
17:30:09.0707 2956 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:30:09.0707 2956 atapi - ok
17:30:09.0910 2956 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
17:30:09.0988 2956 athr - ok
17:30:10.0097 2956 ATKGFNEXSrv (7c157574a181b19b9dcf5f339e25337e) C:\Program Files\ATKGFNEX\GFNEXSrv.exe
17:30:10.0097 2956 ATKGFNEXSrv - ok
17:30:10.0269 2956 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:30:10.0316 2956 AudioEndpointBuilder - ok
17:30:10.0331 2956 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:30:10.0331 2956 AudioSrv - ok
17:30:10.0409 2956 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\programy\avast\AvastSvc.exe
17:30:10.0425 2956 avast! Antivirus - ok
17:30:10.0503 2956 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:30:10.0503 2956 AxInstSV - ok
17:30:10.0612 2956 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:30:10.0643 2956 b06bdrv - ok
17:30:10.0706 2956 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:30:10.0706 2956 b57nd60a - ok
17:30:10.0846 2956 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:30:10.0846 2956 BBSvc - ok
17:30:10.0924 2956 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:30:10.0924 2956 BBUpdate - ok
17:30:10.0987 2956 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:30:11.0002 2956 BDESVC - ok
17:30:11.0049 2956 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:30:11.0049 2956 Beep - ok
17:30:11.0174 2956 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:30:11.0221 2956 BFE - ok
17:30:11.0267 2956 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:30:11.0314 2956 BITS - ok
17:30:11.0408 2956 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:11.0408 2956 blbdrive - ok
17:30:11.0439 2956 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:30:11.0439 2956 bowser - ok
17:30:11.0486 2956 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:30:11.0486 2956 BrFiltLo - ok
17:30:11.0517 2956 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:30:11.0517 2956 BrFiltUp - ok
17:30:11.0595 2956 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:30:11.0595 2956 BridgeMP - ok
17:30:11.0626 2956 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:30:11.0642 2956 Browser - ok
17:30:11.0673 2956 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:30:11.0689 2956 Brserid - ok
17:30:11.0720 2956 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:11.0720 2956 BrSerWdm - ok
17:30:11.0767 2956 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:11.0767 2956 BrUsbMdm - ok
17:30:11.0782 2956 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:11.0782 2956 BrUsbSer - ok
17:30:11.0829 2956 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:30:11.0829 2956 BTHMODEM - ok
17:30:11.0891 2956 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:30:11.0891 2956 bthserv - ok
17:30:11.0969 2956 catchme - ok
17:30:12.0001 2956 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:30:12.0016 2956 cdfs - ok
17:30:12.0079 2956 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
17:30:12.0079 2956 cdrom - ok
17:30:12.0172 2956 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:30:12.0172 2956 CertPropSvc - ok
17:30:12.0235 2956 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:30:12.0235 2956 circlass - ok
17:30:12.0281 2956 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:30:12.0297 2956 CLFS - ok
17:30:12.0375 2956 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:12.0375 2956 clr_optimization_v2.0.50727_32 - ok
17:30:12.0422 2956 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:30:12.0437 2956 clr_optimization_v2.0.50727_64 - ok
17:30:12.0515 2956 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:12.0531 2956 clr_optimization_v4.0.30319_32 - ok
17:30:12.0562 2956 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:30:12.0562 2956 clr_optimization_v4.0.30319_64 - ok
17:30:12.0625 2956 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:30:12.0625 2956 CmBatt - ok
17:30:12.0656 2956 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:30:12.0656 2956 cmdide - ok
17:30:12.0718 2956 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:30:12.0749 2956 CNG - ok
17:30:12.0796 2956 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:30:12.0812 2956 Compbatt - ok
17:30:12.0874 2956 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:30:12.0874 2956 CompositeBus - ok
17:30:12.0890 2956 COMSysApp - ok
17:30:12.0921 2956 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:30:12.0921 2956 crcdisk - ok
17:30:12.0983 2956 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:30:12.0999 2956 CryptSvc - ok
17:30:13.0061 2956 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:30:13.0093 2956 DcomLaunch - ok
17:30:13.0139 2956 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:30:13.0155 2956 defragsvc - ok
17:30:13.0186 2956 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:30:13.0186 2956 DfsC - ok
17:30:13.0264 2956 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:30:13.0280 2956 Dhcp - ok
17:30:13.0311 2956 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:30:13.0311 2956 discache - ok
17:30:13.0358 2956 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:30:13.0358 2956 Disk - ok
17:30:13.0420 2956 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:30:13.0436 2956 Dnscache - ok
17:30:13.0483 2956 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:30:13.0483 2956 dot3svc - ok
17:30:13.0514 2956 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:30:13.0514 2956 DPS - ok
17:30:13.0685 2956 DragonUpdater (90e9a0cbc4779a7f20a963c0ba7219b2) C:\programy\Comodo\Dragon\dragon_updater.exe
17:30:13.0701 2956 DragonUpdater - ok
17:30:13.0748 2956 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:30:13.0748 2956 drmkaud - ok
17:30:13.0810 2956 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:30:13.0810 2956 dtsoftbus01 - ok
17:30:13.0888 2956 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:30:13.0888 2956 DXGKrnl - ok
17:30:13.0966 2956 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:30:13.0982 2956 EapHost - ok
17:30:14.0153 2956 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:30:14.0247 2956 ebdrv - ok
17:30:14.0341 2956 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:30:14.0356 2956 EFS - ok
17:30:14.0434 2956 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:30:14.0465 2956 ehRecvr - ok
17:30:14.0481 2956 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:30:14.0481 2956 ehSched - ok
17:30:14.0621 2956 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:30:14.0653 2956 elxstor - ok
17:30:14.0684 2956 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:30:14.0684 2956 ErrDev - ok
17:30:14.0746 2956 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys
17:30:14.0746 2956 ETD - ok
17:30:14.0809 2956 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:30:14.0824 2956 EventSystem - ok
17:30:14.0871 2956 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:30:14.0871 2956 exfat - ok
17:30:14.0980 2956 FastBootAgent (8c89f06dbc239492e0aaaa0b0d8645ea) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
17:30:14.0996 2956 FastBootAgent - ok
17:30:15.0027 2956 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:30:15.0043 2956 fastfat - ok
17:30:15.0121 2956 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:30:15.0152 2956 Fax - ok
17:30:15.0214 2956 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:30:15.0214 2956 fdc - ok
17:30:15.0261 2956 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:30:15.0277 2956 fdPHost - ok
17:30:15.0308 2956 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:30:15.0308 2956 FDResPub - ok
17:30:15.0323 2956 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:30:15.0339 2956 FileInfo - ok
17:30:15.0355 2956 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:30:15.0355 2956 Filetrace - ok
17:30:15.0401 2956 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:30:15.0401 2956 flpydisk - ok
17:30:15.0448 2956 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:30:15.0448 2956 FltMgr - ok
17:30:15.0542 2956 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:30:15.0589 2956 FontCache - ok
17:30:15.0651 2956 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:15.0651 2956 FontCache3.0.0.0 - ok
17:30:15.0729 2956 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:30:15.0729 2956 FsDepends - ok
17:30:15.0776 2956 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
17:30:15.0776 2956 fssfltr - ok
17:30:15.0901 2956 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:30:15.0916 2956 fsssvc - ok
17:30:15.0947 2956 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:30:15.0947 2956 Fs_Rec - ok
17:30:16.0010 2956 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:30:16.0025 2956 fvevol - ok
17:30:16.0057 2956 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:30:16.0057 2956 gagp30kx - ok
17:30:16.0119 2956 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:30:16.0150 2956 gpsvc - ok
17:30:16.0306 2956 Guard.Mail.ru (e859ca020ed61899f3c74a8d0032d05c) C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
17:30:16.0322 2956 Guard.Mail.ru - ok
17:30:16.0493 2956 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
17:30:16.0493 2956 hamachi - ok
17:30:16.0525 2956 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:30:16.0525 2956 hcw85cir - ok
17:30:16.0603 2956 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:30:16.0618 2956 HdAudAddService - ok
17:30:16.0665 2956 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:30:16.0665 2956 HDAudBus - ok
17:30:16.0712 2956 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:30:16.0712 2956 HidBatt - ok
17:30:16.0727 2956 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:30:16.0759 2956 HidBth - ok
17:30:16.0774 2956 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:30:16.0774 2956 HidIr - ok
17:30:16.0837 2956 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:30:16.0837 2956 hidserv - ok
17:30:16.0868 2956 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:30:16.0868 2956 HidUsb - ok
17:30:16.0899 2956 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:30:16.0915 2956 hkmsvc - ok
17:30:16.0946 2956 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:30:16.0946 2956 HomeGroupListener - ok
17:30:16.0993 2956 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:30:17.0008 2956 HomeGroupProvider - ok
17:30:17.0039 2956 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:30:17.0039 2956 HpSAMD - ok
17:30:17.0102 2956 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:30:17.0133 2956 HTTP - ok
17:30:17.0164 2956 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:30:17.0164 2956 hwpolicy - ok
17:30:17.0242 2956 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:30:17.0242 2956 i8042prt - ok
17:30:17.0305 2956 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
17:30:17.0305 2956 iaStor - ok
17:30:17.0383 2956 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:30:17.0398 2956 iaStorV - ok
17:30:17.0539 2956 ICQ Service (2716367ab53f81da8e3a98bf6fbb7e58) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
17:30:17.0539 2956 ICQ Service - ok
17:30:17.0648 2956 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:30:17.0695 2956 idsvc - ok
17:30:18.0225 2956 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:30:18.0490 2956 igfx - ok
17:30:18.0615 2956 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:30:18.0615 2956 iirsp - ok
17:30:18.0740 2956 IJPLMSVC (a06efd4965f8a3f97a8c9a291d032678) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:30:18.0740 2956 IJPLMSVC - ok
17:30:18.0833 2956 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:30:18.0896 2956 IKEEXT - ok
17:30:18.0927 2956 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:30:18.0927 2956 intelide - ok
17:30:18.0974 2956 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:30:18.0974 2956 intelppm - ok
17:30:19.0005 2956 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:30:19.0021 2956 IPBusEnum - ok
17:30:19.0052 2956 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:19.0052 2956 IpFilterDriver - ok
17:30:19.0099 2956 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:30:19.0145 2956 iphlpsvc - ok
17:30:19.0177 2956 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:30:19.0177 2956 IPMIDRV - ok
17:30:19.0239 2956 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:30:19.0255 2956 IPNAT - ok
17:30:19.0301 2956 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:30:19.0301 2956 IRENUM - ok
17:30:19.0317 2956 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:30:19.0333 2956 isapnp - ok
17:30:19.0364 2956 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:30:19.0379 2956 iScsiPrt - ok
17:30:19.0411 2956 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:30:19.0411 2956 kbdclass - ok
17:30:19.0442 2956 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:30:19.0442 2956 kbdhid - ok
17:30:19.0489 2956 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
17:30:19.0489 2956 kbfiltr - ok
17:30:19.0535 2956 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:30:19.0535 2956 KeyIso - ok
17:30:19.0567 2956 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:30:19.0567 2956 KSecDD - ok
17:30:19.0598 2956 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:30:19.0598 2956 KSecPkg - ok
17:30:19.0676 2956 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:30:19.0676 2956 ksthunk - ok
17:30:19.0754 2956 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:30:19.0769 2956 KtmRm - ok
17:30:19.0832 2956 L1E (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
17:30:19.0832 2956 L1E - ok
17:30:19.0925 2956 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:30:19.0941 2956 LanmanServer - ok
17:30:19.0972 2956 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:30:19.0988 2956 LanmanWorkstation - ok
17:30:20.0050 2956 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:30:20.0050 2956 lltdio - ok
17:30:20.0128 2956 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:30:20.0144 2956 lltdsvc - ok
17:30:20.0175 2956 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:30:20.0175 2956 lmhosts - ok
17:30:20.0237 2956 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:30:20.0237 2956 LSI_FC - ok
17:30:20.0269 2956 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:30:20.0284 2956 LSI_SAS - ok
17:30:20.0331 2956 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:30:20.0331 2956 LSI_SAS2 - ok
17:30:20.0362 2956 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:30:20.0393 2956 LSI_SCSI - ok
17:30:20.0409 2956 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:30:20.0409 2956 luafv - ok
17:30:20.0456 2956 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
17:30:20.0456 2956 lullaby - ok
17:30:20.0487 2956 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:30:20.0503 2956 Mcx2Svc - ok
17:30:20.0534 2956 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:30:20.0534 2956 megasas - ok
17:30:20.0565 2956 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:30:20.0581 2956 MegaSR - ok
17:30:20.0612 2956 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:30:20.0612 2956 MMCSS - ok
17:30:20.0627 2956 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:30:20.0627 2956 Modem - ok
17:30:20.0690 2956 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:30:20.0690 2956 monitor - ok
17:30:20.0737 2956 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:30:20.0737 2956 mouclass - ok
17:30:20.0799 2956 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:30:20.0799 2956 mouhid - ok
17:30:20.0830 2956 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:30:20.0830 2956 mountmgr - ok
17:30:20.0877 2956 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:30:20.0877 2956 mpio - ok
17:30:20.0908 2956 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:30:20.0908 2956 mpsdrv - ok
17:30:20.0986 2956 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:30:21.0049 2956 MpsSvc - ok
17:30:21.0080 2956 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:30:21.0080 2956 MRxDAV - ok
17:30:21.0127 2956 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:30:21.0127 2956 mrxsmb - ok
17:30:21.0158 2956 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:30:21.0158 2956 mrxsmb10 - ok
17:30:21.0189 2956 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:30:21.0189 2956 mrxsmb20 - ok
17:30:21.0220 2956 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:30:21.0220 2956 msahci - ok
17:30:21.0267 2956 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:30:21.0267 2956 msdsm - ok
17:30:21.0314 2956 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:30:21.0314 2956 MSDTC - ok
17:30:21.0376 2956 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:30:21.0376 2956 Msfs - ok
17:30:21.0392 2956 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:30:21.0392 2956 mshidkmdf - ok
17:30:21.0423 2956 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:30:21.0423 2956 msisadrv - ok
17:30:21.0485 2956 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:30:21.0485 2956 MSiSCSI - ok
17:30:21.0501 2956 msiserver - ok
17:30:21.0548 2956 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:30:21.0548 2956 MSKSSRV - ok
17:30:21.0579 2956 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:30:21.0579 2956 MSPCLOCK - ok
17:30:21.0595 2956 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:30:21.0595 2956 MSPQM - ok
17:30:21.0657 2956 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:30:21.0673 2956 MsRPC - ok
17:30:21.0704 2956 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:30:21.0704 2956 mssmbios - ok
17:30:21.0766 2956 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:30:21.0766 2956 MSTEE - ok
17:30:21.0782 2956 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:30:21.0782 2956 MTConfig - ok
17:30:21.0844 2956 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
17:30:21.0844 2956 MTsensor - ok
17:30:21.0875 2956 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:30:21.0875 2956 Mup - ok
17:30:21.0922 2956 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:30:21.0938 2956 napagent - ok
17:30:22.0000 2956 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:30:22.0016 2956 NativeWifiP - ok
17:30:22.0109 2956 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:30:22.0172 2956 NDIS - ok
17:30:22.0234 2956 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:30:22.0234 2956 NdisCap - ok
17:30:22.0281 2956 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:30:22.0281 2956 NdisTapi - ok
17:30:22.0328 2956 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:30:22.0343 2956 Ndisuio - ok
17:30:22.0375 2956 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:30:22.0375 2956 NdisWan - ok
17:30:22.0421 2956 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:30:22.0421 2956 NDProxy - ok
17:30:22.0453 2956 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:30:22.0468 2956 NetBIOS - ok
17:30:22.0499 2956 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:30:22.0499 2956 NetBT - ok
17:30:22.0546 2956 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:30:22.0546 2956 Netlogon - ok
17:30:22.0624 2956 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:30:22.0640 2956 Netman - ok
17:30:22.0687 2956 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:30:22.0702 2956 netprofm - ok
17:30:22.0796 2956 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:30:22.0796 2956 NetTcpPortSharing - ok
17:30:22.0827 2956 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:30:22.0827 2956 nfrd960 - ok
17:30:22.0874 2956 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:30:22.0905 2956 NlaSvc - ok
17:30:22.0921 2956 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:30:22.0921 2956 Npfs - ok
17:30:22.0952 2956 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:30:22.0952 2956 nsi - ok
17:30:22.0983 2956 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:30:22.0983 2956 nsiproxy - ok
17:30:23.0108 2956 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:30:23.0186 2956 Ntfs - ok
17:30:23.0279 2956 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:30:23.0279 2956 Null - ok
17:30:23.0342 2956 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:30:23.0342 2956 nvraid - ok
17:30:23.0404 2956 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:30:23.0404 2956 nvstor - ok
17:30:23.0435 2956 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:30:23.0435 2956 nv_agp - ok
17:30:23.0482 2956 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:30:23.0482 2956 ohci1394 - ok
17:30:23.0576 2956 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:30:23.0576 2956 ose - ok
17:30:23.0623 2956 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:30:23.0623 2956 p2pimsvc - ok
17:30:23.0685 2956 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:30:23.0716 2956 p2psvc - ok
17:30:23.0747 2956 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:30:23.0747 2956 Parport - ok
17:30:23.0779 2956 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:30:23.0779 2956 partmgr - ok
17:30:23.0810 2956 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:30:23.0825 2956 PcaSvc - ok
17:30:23.0872 2956 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:30:23.0872 2956 pci - ok
17:30:23.0888 2956 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:30:23.0888 2956 pciide - ok
17:30:23.0950 2956 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:30:23.0950 2956 pcmcia - ok
17:30:23.0981 2956 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:30:23.0981 2956 pcw - ok
17:30:24.0028 2956 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:30:24.0106 2956 PEAUTH - ok
17:30:24.0184 2956 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:30:24.0184 2956 PerfHost - ok
17:30:24.0293 2956 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:30:24.0371 2956 pla - ok
17:30:24.0434 2956 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:30:24.0449 2956 PlugPlay - ok
17:30:24.0481 2956 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:30:24.0481 2956 PNRPAutoReg - ok
17:30:24.0527 2956 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:30:24.0527 2956 PNRPsvc - ok
17:30:24.0590 2956 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:30:24.0621 2956 PolicyAgent - ok
17:30:24.0668 2956 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:30:24.0668 2956 Power - ok
17:30:24.0746 2956 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:30:24.0761 2956 PptpMiniport - ok
17:30:24.0793 2956 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:30:24.0793 2956 Processor - ok
17:30:24.0839 2956 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:30:24.0855 2956 ProfSvc - ok
17:30:24.0886 2956 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:30:24.0886 2956 ProtectedStorage - ok
17:30:24.0949 2956 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:30:24.0949 2956 Psched - ok
17:30:25.0058 2956 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:30:25.0120 2956 ql2300 - ok
17:30:25.0214 2956 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:30:25.0214 2956 ql40xx - ok
17:30:25.0276 2956 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:30:25.0292 2956 QWAVE - ok
17:30:25.0323 2956 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:30:25.0323 2956 QWAVEdrv - ok
17:30:25.0339 2956 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:30:25.0339 2956 RasAcd - ok
17:30:25.0401 2956 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:30:25.0401 2956 RasAgileVpn - ok
17:30:25.0432 2956 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:30:25.0448 2956 RasAuto - ok
17:30:25.0479 2956 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:30:25.0495 2956 Rasl2tp - ok
17:30:25.0541 2956 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:30:25.0541 2956 RasMan - ok
17:30:25.0588 2956 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:30:25.0588 2956 RasPppoe - ok
17:30:25.0604 2956 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:30:25.0619 2956 RasSstp - ok
17:30:25.0651 2956 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:30:25.0666 2956 rdbss - ok
17:30:25.0682 2956 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:30:25.0682 2956 rdpbus - ok
17:30:25.0713 2956 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:30:25.0713 2956 RDPCDD - ok
17:30:25.0760 2956 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:30:25.0775 2956 RDPENCDD - ok
17:30:25.0791 2956 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:30:25.0807 2956 RDPREFMP - ok
17:30:25.0838 2956 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:30:25.0838 2956 RDPWD - ok
17:30:25.0900 2956 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:30:25.0916 2956 rdyboost - ok
17:30:25.0978 2956 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:30:25.0994 2956 RemoteAccess - ok
17:30:26.0025 2956 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:30:26.0025 2956 RemoteRegistry - ok
17:30:26.0056 2956 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:30:26.0056 2956 RpcEptMapper - ok
17:30:26.0087 2956 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:30:26.0103 2956 RpcLocator - ok
17:30:26.0165 2956 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
17:30:26.0181 2956 RpcSs - ok
17:30:26.0243 2956 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:30:26.0243 2956 rspndr - ok
17:30:26.0275 2956 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:30:26.0275 2956 SamSs - ok
17:30:26.0321 2956 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:30:26.0321 2956 sbp2port - ok
17:30:26.0368 2956 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:30:26.0368 2956 SCardSvr - ok
17:30:26.0415 2956 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:30:26.0415 2956 scfilter - ok
17:30:26.0477 2956 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:30:26.0524 2956 Schedule - ok
17:30:26.0555 2956 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:30:26.0555 2956 SCPolicySvc - ok
17:30:26.0602 2956 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:30:26.0602 2956 SDRSVC - ok
17:30:26.0680 2956 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:30:26.0680 2956 secdrv - ok
17:30:26.0711 2956 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:30:26.0711 2956 seclogon - ok
17:30:26.0758 2956 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:30:26.0758 2956 SENS - ok
17:30:26.0789 2956 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:30:26.0789 2956 SensrSvc - ok
17:30:26.0836 2956 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:30:26.0852 2956 Serenum - ok
17:30:26.0899 2956 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:30:26.0914 2956 Serial - ok
17:30:26.0977 2956 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:30:26.0992 2956 sermouse - ok
17:30:27.0039 2956 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:30:27.0055 2956 SessionEnv - ok
17:30:27.0086 2956 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:30:27.0086 2956 sffdisk - ok
17:30:27.0117 2956 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:30:27.0117 2956 sffp_mmc - ok
17:30:27.0133 2956 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:30:27.0133 2956 sffp_sd - ok
17:30:27.0164 2956 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:30:27.0164 2956 sfloppy - ok
17:30:27.0242 2956 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:30:27.0257 2956 SharedAccess - ok
17:30:27.0304 2956 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:30:27.0335 2956 ShellHWDetection - ok
17:30:27.0382 2956 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
17:30:27.0398 2956 SiSGbeLH - ok
17:30:27.0413 2956 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:30:27.0413 2956 SiSRaid2 - ok
17:30:27.0429 2956 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:30:27.0429 2956 SiSRaid4 - ok
17:30:27.0476 2956 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:30:27.0491 2956 Smb - ok
17:30:27.0554 2956 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:30:27.0554 2956 SNMPTRAP - ok
17:30:27.0694 2956 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
17:30:27.0710 2956 SNP2UVC - ok
17:30:27.0819 2956 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:30:27.0819 2956 spldr - ok
17:30:27.0866 2956 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:30:27.0897 2956 Spooler - ok
17:30:28.0069 2956 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:30:28.0193 2956 sppsvc - ok
17:30:28.0303 2956 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:30:28.0303 2956 sppuinotify - ok
17:30:28.0365 2956 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:30:28.0381 2956 srv - ok
17:30:28.0427 2956 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:30:28.0443 2956 srv2 - ok
17:30:28.0474 2956 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:30:28.0474 2956 srvnet - ok
17:30:28.0537 2956 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:30:28.0552 2956 SSDPSRV - ok
17:30:28.0583 2956 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:30:28.0583 2956 SstpSvc - ok
17:30:28.0615 2956 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:30:28.0615 2956 stexstor - ok
17:30:28.0677 2956 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:30:28.0708 2956 stisvc - ok
17:30:28.0739 2956 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:30:28.0739 2956 swenum - ok
17:30:28.0802 2956 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:30:28.0817 2956 swprv - ok
17:30:28.0927 2956 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:30:28.0973 2956 SysMain - ok
17:30:29.0067 2956 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:30:29.0067 2956 TabletInputService - ok
17:30:29.0129 2956 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:30:29.0145 2956 TapiSrv - ok
17:30:29.0176 2956 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:30:29.0192 2956 TBS - ok
17:30:29.0363 2956 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:30:29.0410 2956 Tcpip - ok
17:30:29.0644 2956 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:30:29.0660 2956 TCPIP6 - ok
17:30:29.0800 2956 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:30:29.0816 2956 tcpipreg - ok
17:30:29.0863 2956 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:30:29.0878 2956 TDPIPE - ok
17:30:29.0925 2956 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:30:29.0925 2956 TDTCP - ok
17:30:29.0956 2956 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:30:29.0956 2956 tdx - ok
17:30:30.0003 2956 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:30:30.0003 2956 TermDD - ok
17:30:30.0050 2956 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:30:30.0081 2956 TermService - ok
17:30:30.0128 2956 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:30:30.0128 2956 Themes - ok
17:30:30.0175 2956 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:30:30.0175 2956 THREADORDER - ok
17:30:30.0206 2956 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:30:30.0221 2956 TrkWks - ok
17:30:30.0268 2956 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:30:30.0284 2956 TrustedInstaller - ok
17:30:30.0315 2956 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:30:30.0331 2956 tssecsrv - ok
17:30:30.0393 2956 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:30:30.0393 2956 TsUsbFlt - ok
17:30:30.0455 2956 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:30:30.0455 2956 tunnel - ok
17:30:30.0487 2956 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:30:30.0502 2956 uagp35 - ok
17:30:30.0549 2956 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:30:30.0565 2956 udfs - ok
17:30:30.0596 2956 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:30:30.0611 2956 UI0Detect - ok
17:30:30.0658 2956 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:30:30.0658 2956 uliagpkx - ok
17:30:30.0721 2956 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:30:30.0721 2956 umbus - ok
17:30:30.0752 2956 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:30:30.0752 2956 UmPass - ok
17:30:30.0799 2956 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:30:30.0830 2956 upnphost - ok
17:30:30.0877 2956 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:30:30.0877 2956 usbccgp - ok
17:30:30.0939 2956 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:30:30.0939 2956 usbcir - ok
17:30:30.0970 2956 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:30:30.0970 2956 usbehci - ok
17:30:31.0033 2956 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:30:31.0048 2956 usbhub - ok
17:30:31.0064 2956 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:30:31.0064 2956 usbohci - ok
17:30:31.0126 2956 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:30:31.0126 2956 usbprint - ok
17:30:31.0157 2956 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:30:31.0173 2956 usbscan - ok
17:30:31.0204 2956 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:30:31.0204 2956 USBSTOR - ok
17:30:31.0235 2956 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
17:30:31.0251 2956 usbuhci - ok
17:30:31.0298 2956 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
17:30:31.0313 2956 usbvideo - ok
17:30:31.0345 2956 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:30:31.0360 2956 UxSms - ok
17:30:31.0376 2956 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:30:31.0391 2956 VaultSvc - ok
17:30:31.0407 2956 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:30:31.0407 2956 vdrvroot - ok
17:30:31.0469 2956 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:30:31.0501 2956 vds - ok
17:30:31.0563 2956 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:30:31.0563 2956 vga - ok
17:30:31.0594 2956 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:30:31.0610 2956 VgaSave - ok
17:30:31.0641 2956 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:30:31.0657 2956 vhdmp - ok
17:30:31.0766 2956 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
17:30:31.0813 2956 VIAHdAudAddService - ok
17:30:31.0828 2956 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:30:31.0828 2956 viaide - ok
17:30:31.0859 2956 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:30:31.0859 2956 volmgr - ok
17:30:31.0922 2956 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:30:31.0937 2956 volmgrx - ok
17:30:31.0969 2956 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:30:31.0984 2956 volsnap - ok
17:30:32.0031 2956 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:30:32.0031 2956 vsmraid - ok
17:30:32.0125 2956 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:30:32.0203 2956 VSS - ok
17:30:32.0312 2956 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:30:32.0312 2956 vwifibus - ok
17:30:32.0343 2956 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:30:32.0343 2956 vwififlt - ok
17:30:32.0405 2956 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:30:32.0405 2956 vwifimp - ok
17:30:32.0468 2956 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:30:32.0483 2956 W32Time - ok
17:30:32.0515 2956 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:30:32.0515 2956 WacomPen - ok
17:30:32.0577 2956 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:30:32.0577 2956 WANARP - ok
17:30:32.0593 2956 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:30:32.0593 2956 Wanarpv6 - ok
17:30:32.0717 2956 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:30:32.0749 2956 WatAdminSvc - ok
17:30:32.0842 2956 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:30:32.0889 2956 wbengine - ok
17:30:32.0998 2956 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:30:33.0014 2956 WbioSrvc - ok
17:30:33.0061 2956 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:30:33.0076 2956 wcncsvc - ok
17:30:33.0107 2956 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:30:33.0123 2956 WcsPlugInService - ok
17:30:33.0185 2956 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:30:33.0185 2956 Wd - ok
17:30:33.0232 2956 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:30:33.0248 2956 Wdf01000 - ok
17:30:33.0295 2956 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:30:33.0310 2956 WdiServiceHost - ok
17:30:33.0310 2956 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:30:33.0326 2956 WdiSystemHost - ok
17:30:33.0388 2956 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:30:33.0404 2956 WebClient - ok
17:30:33.0435 2956 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:30:33.0451 2956 Wecsvc - ok
17:30:33.0482 2956 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:30:33.0482 2956 wercplsupport - ok
17:30:33.0529 2956 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:30:33.0544 2956 WerSvc - ok
17:30:33.0622 2956 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:30:33.0622 2956 WfpLwf - ok
17:30:33.0669 2956 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
17:30:33.0669 2956 WimFltr - ok
17:30:33.0685 2956 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:30:33.0685 2956 WIMMount - ok
17:30:33.0747 2956 WinDefend - ok
17:30:33.0778 2956 WinHttpAutoProxySvc - ok
17:30:33.0841 2956 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:30:33.0841 2956 Winmgmt - ok
17:30:33.0965 2956 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:30:34.0028 2956 WinRM - ok
17:30:34.0199 2956 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:30:34.0199 2956 WinUsb - ok
17:30:34.0262 2956 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:30:34.0309 2956 Wlansvc - ok
17:30:34.0340 2956 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:30:34.0340 2956 WmiAcpi - ok
17:30:34.0418 2956 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:30:34.0418 2956 wmiApSrv - ok
17:30:34.0496 2956 WMPNetworkSvc - ok
17:30:34.0527 2956 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:30:34.0543 2956 WPCSvc - ok
17:30:34.0589 2956 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:30:34.0589 2956 WPDBusEnum - ok
17:30:34.0621 2956 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:30:34.0636 2956 ws2ifsl - ok
17:30:34.0667 2956 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:30:34.0667 2956 wscsvc - ok
17:30:34.0683 2956 WSearch - ok
17:30:34.0808 2956 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:30:34.0870 2956 wuauserv - ok
17:30:34.0995 2956 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:30:34.0995 2956 WudfPf - ok
17:30:35.0042 2956 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:30:35.0042 2956 WUDFRd - ok
17:30:35.0089 2956 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:30:35.0089 2956 wudfsvc - ok
17:30:35.0135 2956 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:30:35.0151 2956 WwanSvc - ok
17:30:35.0229 2956 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:30:35.0463 2956 \Device\Harddisk0\DR0 - ok
17:30:35.0463 2956 MBR (0x1B8) (66d0b28c8b44e531d0c19f436252abaa) \Device\Harddisk1\DR1
17:30:35.0479 2956 \Device\Harddisk1\DR1 - ok
17:30:35.0479 2956 Boot (0x1200) (893e0f99878bb5c2d777fcab27aa6b9d) \Device\Harddisk0\DR0\Partition0
17:30:35.0479 2956 \Device\Harddisk0\DR0\Partition0 - ok
17:30:35.0525 2956 Boot (0x1200) (99d52ed29fe8c59de82587a5987c4f3b) \Device\Harddisk0\DR0\Partition1
17:30:35.0525 2956 \Device\Harddisk0\DR0\Partition1 - ok
17:30:35.0525 2956 Boot (0x1200) (1d4e2c5fe91190b511434c5fb3b2ee84) \Device\Harddisk1\DR1\Partition0
17:30:35.0525 2956 \Device\Harddisk1\DR1\Partition0 - ok
17:30:35.0541 2956 ============================================================
17:30:35.0541 2956 Scan finished
17:30:35.0541 2956 ============================================================
17:30:35.0557 1180 Detected object count: 0
17:30:35.0557 1180 Actual detected object count: 0

#8 Příspěvek od **Rudy** » 10 čer 2012 17:06

Toto je čisté. Pokud změna nenastala, budte muset provést opravu systému z instal. média.

Pitrs56 · #9 Příspěvek od **Pitrs56** » 10 čer 2012 19:27

Takže přeinstalace windowsu pomohla.. Děkuji za spolupráci

#10 Příspěvek od **Rudy** » 10 čer 2012 19:35

Nemáte zač!

VIRY.CZ

Není spuštěna služba DPS

Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS

Re: Není spuštěna služba DPS