
Ponmocup.AA trojan horse
Hello,
NOD reports the Ponmocup.AA trojan horse but is unable to remove it. I found on the net that Rkill and Combofix should be applied. I have a log made after using them. Could someone go through it and advise me what to do next?
ComboFix 12-08-29.03 - steepee 30.08.2012 10:20:32.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4096.2657 [GMT 2:00]
Spuštěný z: c:\users\steepee\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\steepee\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\FlashPlayerInstaller.exe
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 05:28 . 2012-08-30 05:28 -------- d-----w- c:\users\steepee\AppData\Local\Threat Expert
2012-08-30 05:17 . 2012-08-30 05:34 -------- d-----w- c:\program files (x86)\PC Tools
2012-08-30 05:07 . 2012-06-22 13:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-08-30 05:07 . 2012-08-30 05:34 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-08-30 05:07 . 2012-08-30 05:33 -------- d-----w- c:\programdata\PC Tools
2012-08-30 05:07 . 2012-08-30 05:07 -------- d-----w- c:\users\steepee\AppData\Roaming\TestApp
2012-08-29 20:10 . 2012-08-29 20:10 -------- d-----w- c:\users\steepee\AppData\Roaming\Malwarebytes
2012-08-29 20:10 . 2012-08-29 20:10 -------- d-----w- c:\programdata\Malwarebytes
2012-08-29 18:38 . 2012-08-29 18:38 -------- d-----w- c:\program files\ESET
2012-08-29 08:34 . 2012-08-29 08:34 118784 --sha-r- c:\windows\SysWow64\MP43DECD5.dll
2012-08-28 11:18 . 2012-08-28 11:18 -------- d-----w- c:\users\steepee\AppData\Roaming\pdfforge
2012-08-28 11:18 . 2012-05-05 09:54 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2012-08-28 11:18 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2012-08-28 11:18 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2012-08-28 11:18 . 2012-08-28 11:19 -------- d-----w- c:\program files (x86)\PDFCreator
2012-08-15 19:10 . 2012-06-29 04:55 17809920 ----a-w- c:\windows\system32\mshtml.dll
2012-08-15 19:10 . 2012-06-29 04:09 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-15 17:30 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 17:30 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 17:30 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 17:29 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 17:29 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 17:29 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 17:29 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 17:29 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 17:29 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 17:29 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 17:29 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 17:29 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 19:07 . 2011-10-12 07:09 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-11 17:32 . 2012-07-11 17:32 1544704 ----a-w- c:\windows\is-SJP12.exe
2012-07-05 11:02 . 2012-07-09 15:30 95744 ----a-w- c:\windows\system32\pdfcmon.dll
2012-06-26 04:17 . 2012-06-26 04:18 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-26 04:17 . 2011-10-10 05:00 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-14 17:00 . 2012-03-31 03:09 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-14 17:00 . 2011-10-09 10:10 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 05:43 . 2012-07-11 06:06 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 06:06 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 06:06 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 06:06 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 06:06 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-19 08:01 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 08:01 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 08:01 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 08:01 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 08:01 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 08:01 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 08:01 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-19 08:00 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-19 08:00 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 06:06 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 06:06 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 06:06 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 06:06 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 06:06 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 06:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 06:06 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 06:06 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 06:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2010-10-25 1216416]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-04-20 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\steepee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SCIA.lnk - c:\program files (x86)\SCIA\SCIA.bat [2011-10-9 59]
TOTALCMD64.lnk - c:\program files\totalcmd\TOTALCMD64.EXE [2011-10-9 7718352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files (x86)\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-09 1431888]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [2008-09-18 93848]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [2011-05-27 63528]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 834544]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 Tekla Structures Licensing Service;Tekla Structures Licensing Service;c:\teklastructures\License\Server\lmgrd.exe [2009-08-17 1122568]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-04-20 92592]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-30 c:\windows\Tasks\zeqoflvrq.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 291944]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.10.10.1
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - file:///C:/Temp/KOLIN_10102011/dll/zkitlib.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-NEXIS32 3.40.12 - c:\windows\IsUn0405.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\teklastructures\License\Server\tekla.exe
c:\flexlm\lmgrd.exe
c:\flexlm\SCIA.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Celkový čas: 2012-08-30 10:32:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-30 08:32
.
Před spuštěním: Volných bajtů: 253 603 233 792
Po spuštění: Volných bajtů: 253 224 460 288
.
- - End Of File - - 5D2F93705C395B61A257A837EB74ED6E
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\teklastructures\License\Server\tekla.exe
c:\flexlm\lmgrd.exe
c:\flexlm\SCIA.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
.
**************************************************************************
.
Celkový čas: 2012-08-30 10:32:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-30 08:32
.
Před spuštěním: Volných bajtů: 253 603 233 792
Po spuštění: Volných bajtů: 253 224 460 288
.
- - End Of File - - 5D2F93705C395B61A257A837EB74ED6E
Last edited by steepee on 31 Aug 2012 14:19, edited 1 time in total.
- Pavuk29
- VIP in memoriam
- Posts: 6953
- Registered: 31 Oct 2003 08:26
- Location: Banská Bystrica
Re: Ponmocup.AA trojan horse
The topic was moved from the www.viry.cz section.
------------------------------------------------------------------------------------------------------------------------------
PLEASE DO NOT SEND ME PMs, ICQ MESSAGES OR E-MAILS WITH QUESTIONS; POST IN THE FORUM

------------------------------------------------------------------------------------------------------------------------------
In case of urgent problems with the running of the forum,
or with other users,
contact me on ICQ or by e-mail
at pavuk29 (at) forum.viry.cz. I am often at the computer even when I am not online on the forum.
http://www.icq.com/people/267560078/
hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=5601





Re: Ponmocup.AA trojan horse
Hello,
Can you specify which file the virus is supposed to be in?

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.
Re: Ponmocup.AA trojan horse
Hello,
I don't know where it is/was; NOD only said that it detects it as win32/Ponmocup.AA and cannot clean it. Since posting this I have run ComboFix on it twice within two days, and NOD has not reported anything for a week now. But I don't know whether I should still delete any possible leftovers from the registry. So the ComboFix log looks fine, with no problems?
Thanks for now,
stp
Re: Ponmocup.AA trojan horse
Yes, the log is fine.
But just to be sure:
Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon to run it
- select the Start scan option, then confirm starting the scan
- if the program finds an infected file, it will show you the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log is not displayed, it is saved in your root directory.
Re: Ponmocup.AA trojan horse
Hello,
I ran TDSSKiller; the log is below:
13:42:36.0045 3692 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:42:36.0202 3692 ============================================================
13:42:36.0202 3692 Current date / time: 2012/09/10 13:42:36.0202
13:42:36.0202 3692 SystemInfo:
13:42:36.0202 3692
13:42:36.0202 3692 OS Version: 6.1.7601 ServicePack: 1.0
13:42:36.0202 3692 Product type: Workstation
13:42:36.0202 3692 ComputerName: STP
13:42:36.0202 3692 UserName: steepee
13:42:36.0202 3692 Windows directory: C:\Windows
13:42:36.0202 3692 System windows directory: C:\Windows
13:42:36.0202 3692 Running under WOW64
13:42:36.0202 3692 Processor architecture: Intel x64
13:42:36.0202 3692 Number of processors: 2
13:42:36.0202 3692 Page size: 0x1000
13:42:36.0202 3692 Boot type: Normal boot
13:42:36.0202 3692 ============================================================
13:42:37.0717 3692 Drive \Device\Harddisk0\DR0 - Size: 0x15D50E50000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:37.0733 3692 ============================================================
13:42:37.0733 3692 \Device\Harddisk0\DR0:
13:42:37.0733 3692 MBR partitions:
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249BD800
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0000, BlocksNum 0x4F588000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x73F78000, BlocksNum 0x3AB0E800
13:42:37.0733 3692 ============================================================
13:42:37.0764 3692 C: <-> \Device\Harddisk0\DR0\Partition2
13:42:37.0811 3692 D: <-> \Device\Harddisk0\DR0\Partition3
13:42:37.0874 3692 E: <-> \Device\Harddisk0\DR0\Partition4
13:42:37.0874 3692 ============================================================
13:42:37.0874 3692 Initialize success
13:42:37.0874 3692 ============================================================
13:42:40.0874 4676 ============================================================
13:42:40.0874 4676 Scan started
13:42:40.0874 4676 Mode: Manual;
13:42:40.0874 4676 ============================================================
13:42:42.0264 4676 ================ Scan system memory ========================
13:42:42.0264 4676 System memory - ok
13:42:42.0264 4676 ================ Scan services =============================
13:42:42.0452 4676 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
13:42:42.0545 4676 1394ohci - ok
13:42:42.0561 4676 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:42:42.0608 4676 ACPI - ok
13:42:42.0608 4676 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:42:42.0655 4676 AcpiPmi - ok
13:42:42.0686 4676 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:42:42.0764 4676 adp94xx - ok
13:42:42.0827 4676 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:42:42.0936 4676 adpahci - ok
13:42:42.0952 4676 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:42:42.0983 4676 adpu320 - ok
13:42:42.0999 4676 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:42:42.0999 4676 AeLookupSvc - ok
13:42:43.0061 4676 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:42:43.0124 4676 AFD - ok
13:42:43.0139 4676 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:42:43.0217 4676 agp440 - ok
13:42:43.0233 4676 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:42:43.0264 4676 ALG - ok
13:42:43.0280 4676 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:42:43.0327 4676 aliide - ok
13:42:43.0342 4676 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:42:43.0389 4676 amdide - ok
13:42:43.0420 4676 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:42:43.0452 4676 AmdK8 - ok
13:42:43.0467 4676 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:42:43.0577 4676 AmdPPM - ok
13:42:43.0624 4676 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:42:43.0686 4676 amdsata - ok
13:42:43.0702 4676 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:42:43.0749 4676 amdsbs - ok
13:42:43.0780 4676 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:42:43.0811 4676 amdxata - ok
13:42:43.0827 4676 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:42:43.0874 4676 AppID - ok
13:42:43.0889 4676 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:42:43.0905 4676 AppIDSvc - ok
13:42:43.0920 4676 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:42:43.0936 4676 Appinfo - ok
13:42:43.0952 4676 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:42:43.0999 4676 AppMgmt - ok
13:42:44.0014 4676 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
13:42:44.0061 4676 arc - ok
13:42:44.0077 4676 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:42:44.0124 4676 arcsas - ok
13:42:44.0217 4676 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:42:44.0233 4676 aspnet_state - ok
13:42:44.0280 4676 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:44.0327 4676 AsyncMac - ok
13:42:44.0327 4676 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:42:44.0374 4676 atapi - ok
13:42:44.0436 4676 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:42:44.0514 4676 AudioEndpointBuilder - ok
13:42:44.0545 4676 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:42:44.0561 4676 AudioSrv - ok
13:42:44.0670 4676 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
13:42:44.0670 4676 Autodesk Content Service - ok
13:42:44.0764 4676 [ 9F29157695EE58875B06724743CE9C42 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
13:42:44.0764 4676 Autodesk Licensing Service - ok
13:42:44.0795 4676 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:42:44.0874 4676 AxInstSV - ok
13:42:44.0936 4676 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:42:44.0983 4676 b06bdrv - ok
13:42:45.0014 4676 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:42:45.0077 4676 b57nd60a - ok
13:42:45.0092 4676 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:42:45.0124 4676 BDESVC - ok
13:42:45.0124 4676 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:42:45.0139 4676 Beep - ok
13:42:45.0186 4676 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:42:45.0264 4676 BFE - ok
13:42:45.0374 4676 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
13:42:45.0530 4676 BITS - ok
13:42:45.0530 4676 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:42:45.0561 4676 blbdrive - ok
13:42:45.0608 4676 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:42:45.0702 4676 bowser - ok
13:42:45.0749 4676 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:42:45.0764 4676 BrFiltLo - ok
13:42:45.0780 4676 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:42:45.0811 4676 BrFiltUp - ok
13:42:45.0811 4676 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:42:45.0858 4676 BridgeMP - ok
13:42:45.0874 4676 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:42:45.0952 4676 Browser - ok
13:42:45.0983 4676 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:42:46.0045 4676 Brserid - ok
13:42:46.0061 4676 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:46.0124 4676 BrSerWdm - ok
13:42:46.0124 4676 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:46.0170 4676 BrUsbMdm - ok
13:42:46.0186 4676 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:46.0217 4676 BrUsbSer - ok
13:42:46.0233 4676 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:42:46.0280 4676 BTHMODEM - ok
13:42:46.0295 4676 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:42:46.0327 4676 bthserv - ok
13:42:46.0358 4676 catchme - ok
13:42:46.0374 4676 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:42:46.0405 4676 cdfs - ok
13:42:46.0420 4676 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:42:46.0561 4676 cdrom - ok
13:42:46.0592 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:42:46.0624 4676 CertPropSvc - ok
13:42:46.0655 4676 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
13:42:46.0686 4676 circlass - ok
13:42:46.0717 4676 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:42:46.0795 4676 CLFS - ok
13:42:46.0874 4676 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:46.0874 4676 clr_optimization_v2.0.50727_32 - ok
13:42:46.0920 4676 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:42:46.0920 4676 clr_optimization_v2.0.50727_64 - ok
13:42:46.0999 4676 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:47.0014 4676 clr_optimization_v4.0.30319_32 - ok
13:42:47.0030 4676 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:42:47.0030 4676 clr_optimization_v4.0.30319_64 - ok
13:42:47.0061 4676 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:42:47.0108 4676 CmBatt - ok
13:42:47.0124 4676 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:42:47.0170 4676 cmdide - ok
13:42:47.0202 4676 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:42:47.0280 4676 CNG - ok
13:42:47.0280 4676 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:42:47.0311 4676 Compbatt - ok
13:42:47.0327 4676 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:42:47.0358 4676 CompositeBus - ok
13:42:47.0374 4676 COMSysApp - ok
13:42:47.0389 4676 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:42:47.0405 4676 crcdisk - ok
13:42:47.0436 4676 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:42:47.0530 4676 CryptSvc - ok
13:42:47.0577 4676 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
13:42:47.0670 4676 CSC - ok
13:42:47.0702 4676 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
13:42:47.0764 4676 CscService - ok
13:42:47.0842 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:42:47.0858 4676 DcomLaunch - ok
13:42:47.0920 4676 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:42:47.0967 4676 defragsvc - ok
13:42:47.0983 4676 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:42:48.0014 4676 DfsC - ok
13:42:48.0045 4676 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:42:48.0045 4676 Dhcp - ok
13:42:48.0061 4676 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:42:48.0108 4676 discache - ok
13:42:48.0124 4676 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
13:42:48.0170 4676 Disk - ok
13:42:48.0186 4676 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
13:42:48.0264 4676 dmvsc - ok
13:42:48.0295 4676 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:42:48.0358 4676 Dnscache - ok
13:42:48.0374 4676 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:42:48.0420 4676 dot3svc - ok
13:42:48.0436 4676 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:42:48.0467 4676 DPS - ok
13:42:48.0514 4676 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:42:48.0545 4676 drmkaud - ok
13:42:48.0592 4676 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:42:48.0670 4676 DXGKrnl - ok
13:42:48.0749 4676 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
13:42:48.0889 4676 eamonm - ok
13:42:48.0905 4676 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:42:48.0936 4676 EapHost - ok
13:42:49.0014 4676 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:42:49.0280 4676 ebdrv - ok
13:42:49.0311 4676 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:42:49.0342 4676 EFS - ok
13:42:49.0405 4676 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
13:42:49.0452 4676 ehdrv - ok
13:42:49.0530 4676 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:42:49.0530 4676 ehRecvr - ok
13:42:49.0545 4676 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:42:49.0545 4676 ehSched - ok
13:42:49.0702 4676 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
13:42:49.0702 4676 ekrn - ok
13:42:49.0749 4676 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:42:49.0827 4676 elxstor - ok
13:42:49.0842 4676 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
13:42:50.0717 4676 epfwwfpr - ok
13:42:50.0733 4676 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:42:50.0811 4676 ErrDev - ok
13:42:50.0889 4676 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:42:50.0889 4676 EventSystem - ok
13:42:50.0920 4676 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:42:50.0983 4676 exfat - ok
13:42:50.0999 4676 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:42:51.0045 4676 fastfat - ok
13:42:51.0108 4676 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:42:51.0202 4676 Fax - ok
13:42:51.0217 4676 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
13:42:51.0264 4676 fdc - ok
13:42:51.0311 4676 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:42:51.0358 4676 fdPHost - ok
13:42:51.0374 4676 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:42:51.0405 4676 FDResPub - ok
13:42:51.0420 4676 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:42:51.0452 4676 FileInfo - ok
13:42:51.0467 4676 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:42:51.0514 4676 Filetrace - ok
13:42:51.0639 4676 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:42:51.0655 4676 FLEXnet Licensing Service - ok
13:42:51.0717 4676 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
13:42:51.0733 4676 FLEXnet Licensing Service 64 - ok
13:42:51.0749 4676 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:42:51.0780 4676 flpydisk - ok
13:42:51.0811 4676 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:42:51.0889 4676 FltMgr - ok
13:42:51.0936 4676 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:42:52.0014 4676 FontCache - ok
13:42:52.0061 4676 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:42:52.0061 4676 FontCache3.0.0.0 - ok
13:42:52.0077 4676 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:42:52.0124 4676 FsDepends - ok
13:42:52.0139 4676 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:42:52.0170 4676 Fs_Rec - ok
13:42:52.0217 4676 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:42:52.0342 4676 fvevol - ok
13:42:52.0358 4676 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:42:52.0420 4676 gagp30kx - ok
13:42:52.0467 4676 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:42:52.0545 4676 gpsvc - ok
13:42:52.0545 4676 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:42:52.0577 4676 hcw85cir - ok
13:42:52.0639 4676 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:42:52.0733 4676 HdAudAddService - ok
13:42:52.0749 4676 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:42:52.0780 4676 HDAudBus - ok
13:42:52.0811 4676 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:42:52.0858 4676 HidBatt - ok
13:42:52.0889 4676 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:42:52.0936 4676 HidBth - ok
13:42:52.0952 4676 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
13:42:53.0014 4676 HidIr - ok
13:42:53.0045 4676 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
13:42:53.0077 4676 hidserv - ok
13:42:53.0092 4676 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:42:53.0124 4676 HidUsb - ok
13:42:53.0139 4676 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:42:53.0170 4676 hkmsvc - ok
13:42:53.0186 4676 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:42:53.0233 4676 HomeGroupListener - ok
13:42:53.0264 4676 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:42:53.0358 4676 HomeGroupProvider - ok
13:42:53.0436 4676 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:42:53.0452 4676 hpqcxs08 - ok
13:42:53.0483 4676 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:42:53.0514 4676 HpSAMD - ok
13:42:53.0545 4676 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:42:53.0624 4676 HTTP - ok
13:42:53.0624 4676 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:42:53.0670 4676 hwpolicy - ok
13:43:09.0874 4676 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
13:43:09.0874 4676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
13:43:09.0874 4676 sptd ( LockedFile.Multi.Generic ) - warning
13:43:09.0874 4676 sptd - detected LockedFile.Multi.Generic (1)
13:43:16.0686 4676 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:43:16.0827 4676 wbengine - ok
13:43:16.0842 4676 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:43:16.0889 4676 WbioSrvc - ok
13:43:16.0920 4676 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:43:16.0983 4676 wcncsvc - ok
13:43:16.0999 4676 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:43:17.0030 4676 WcsPlugInService - ok
13:43:17.0030 4676 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
13:43:17.0061 4676 Wd - ok
13:43:17.0092 4676 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:43:17.0139 4676 Wdf01000 - ok
13:43:17.0155 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:43:17.0186 4676 WdiServiceHost - ok
13:43:17.0186 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:43:17.0186 4676 WdiSystemHost - ok
13:43:17.0202 4676 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:43:17.0249 4676 WebClient - ok
13:43:17.0264 4676 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:43:17.0389 4676 Wecsvc - ok
13:43:17.0405 4676 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:43:17.0436 4676 wercplsupport - ok
13:43:17.0452 4676 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:43:17.0452 4676 WerSvc - ok
13:43:17.0467 4676 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:17.0499 4676 WfpLwf - ok
13:43:17.0514 4676 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:43:17.0577 4676 WIMMount - ok
13:43:17.0608 4676 WinDefend - ok
13:43:17.0624 4676 WinHttpAutoProxySvc - ok
13:43:17.0670 4676 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:43:17.0702 4676 Winmgmt - ok
13:43:17.0780 4676 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:43:17.0999 4676 WinRM - ok
13:43:18.0030 4676 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:43:18.0061 4676 WinUsb - ok
13:43:18.0108 4676 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:43:18.0202 4676 Wlansvc - ok
13:43:18.0264 4676 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:18.0264 4676 wlcrasvc - ok
13:43:18.0436 4676 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:18.0452 4676 wlidsvc - ok
13:43:18.0499 4676 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:43:18.0530 4676 WmiAcpi - ok
13:43:18.0561 4676 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:43:18.0592 4676 wmiApSrv - ok
13:43:18.0608 4676 WMPNetworkSvc - ok
13:43:18.0624 4676 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:43:18.0655 4676 WPCSvc - ok
13:43:18.0670 4676 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:43:18.0702 4676 WPDBusEnum - ok
13:43:18.0702 4676 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:43:18.0733 4676 ws2ifsl - ok
13:43:18.0749 4676 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:43:18.0780 4676 wscsvc - ok
13:43:18.0780 4676 WSearch - ok
13:43:18.0874 4676 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:43:19.0124 4676 wuauserv - ok
13:43:19.0155 4676 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:43:19.0202 4676 WudfPf - ok
13:43:19.0217 4676 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:19.0280 4676 WUDFRd - ok
13:43:19.0295 4676 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:43:19.0374 4676 wudfsvc - ok
13:43:19.0405 4676 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:43:19.0467 4676 WwanSvc - ok
13:43:19.0467 4676 ================ Scan global ===============================
13:43:19.0499 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:43:19.0561 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0624 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0639 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:43:19.0702 4676 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:43:19.0702 4676 [Global] - ok
13:43:19.0702 4676 ================ Scan MBR ==================================
13:43:19.0733 4676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:43:19.0983 4676 \Device\Harddisk0\DR0 - ok
13:43:19.0983 4676 ================ Scan VBR ==================================
13:43:20.0030 4676 [ 6B2F7788391DF0A3C0195D477E73D08D ] \Device\Harddisk0\DR0\Partition1
13:43:20.0030 4676 \Device\Harddisk0\DR0\Partition1 - ok
13:43:20.0061 4676 [ CCD2DAB5652F45B6A844CC57ED66382B ] \Device\Harddisk0\DR0\Partition2
13:43:20.0077 4676 \Device\Harddisk0\DR0\Partition2 - ok
13:43:20.0092 4676 [ E7287CA5A931B3A528B8D84C452DB15A ] \Device\Harddisk0\DR0\Partition3
13:43:20.0124 4676 \Device\Harddisk0\DR0\Partition3 - ok
13:43:20.0155 4676 [ 914F1BD2D5C0D31D3C839D3B1B92B285 ] \Device\Harddisk0\DR0\Partition4
13:43:20.0170 4676 \Device\Harddisk0\DR0\Partition4 - ok
13:43:20.0170 4676 ============================================================
13:43:20.0170 4676 Scan finished
13:43:20.0170 4676 ============================================================
13:43:20.0186 3652 Detected object count: 1
13:43:20.0186 3652 Actual detected object count: 1
13:44:53.0106 3652 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
13:44:53.0168 3652 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
Thanks for now,
stp
I ran TDSSKiller; the log is below:
13:42:36.0045 3692 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:42:36.0202 3692 ============================================================
13:42:36.0202 3692 Current date / time: 2012/09/10 13:42:36.0202
13:42:36.0202 3692 SystemInfo:
13:42:36.0202 3692
13:42:36.0202 3692 OS Version: 6.1.7601 ServicePack: 1.0
13:42:36.0202 3692 Product type: Workstation
13:42:36.0202 3692 ComputerName: STP
13:42:36.0202 3692 UserName: steepee
13:42:36.0202 3692 Windows directory: C:\Windows
13:42:36.0202 3692 System windows directory: C:\Windows
13:42:36.0202 3692 Running under WOW64
13:42:36.0202 3692 Processor architecture: Intel x64
13:42:36.0202 3692 Number of processors: 2
13:42:36.0202 3692 Page size: 0x1000
13:42:36.0202 3692 Boot type: Normal boot
13:42:36.0202 3692 ============================================================
13:42:37.0717 3692 Drive \Device\Harddisk0\DR0 - Size: 0x15D50E50000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:37.0733 3692 ============================================================
13:42:37.0733 3692 \Device\Harddisk0\DR0:
13:42:37.0733 3692 MBR partitions:
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249BD800
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0000, BlocksNum 0x4F588000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x73F78000, BlocksNum 0x3AB0E800
13:42:37.0733 3692 ============================================================
13:42:37.0764 3692 C: <-> \Device\Harddisk0\DR0\Partition2
13:42:37.0811 3692 D: <-> \Device\Harddisk0\DR0\Partition3
13:42:37.0874 3692 E: <-> \Device\Harddisk0\DR0\Partition4
13:42:37.0874 3692 ============================================================
13:42:37.0874 3692 Initialize success
13:42:37.0874 3692 ============================================================
13:42:40.0874 4676 ============================================================
13:42:40.0874 4676 Scan started
13:42:40.0874 4676 Mode: Manual;
13:42:40.0874 4676 ============================================================
13:42:42.0264 4676 ================ Scan system memory ========================
13:42:42.0264 4676 System memory - ok
13:42:42.0264 4676 ================ Scan services =============================
13:42:56.0842 4676 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:42:56.0874 4676 MRxDAV - ok
13:42:56.0905 4676 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:42:56.0936 4676 mrxsmb - ok
13:42:56.0967 4676 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:57.0030 4676 mrxsmb10 - ok
13:42:57.0045 4676 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:57.0108 4676 mrxsmb20 - ok
13:42:57.0139 4676 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:42:57.0217 4676 msahci - ok
13:42:57.0249 4676 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:42:57.0295 4676 msdsm - ok
13:42:57.0311 4676 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:42:57.0342 4676 MSDTC - ok
13:42:57.0374 4676 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:42:57.0405 4676 Msfs - ok
13:42:57.0420 4676 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:42:57.0452 4676 mshidkmdf - ok
13:42:57.0452 4676 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:42:57.0499 4676 msisadrv - ok
13:42:57.0499 4676 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:42:57.0530 4676 MSiSCSI - ok
13:42:57.0545 4676 msiserver - ok
13:42:57.0577 4676 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:42:57.0608 4676 MSKSSRV - ok
13:42:57.0624 4676 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:57.0655 4676 MSPCLOCK - ok
13:42:57.0670 4676 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:42:57.0717 4676 MSPQM - ok
13:42:57.0733 4676 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:42:57.0795 4676 MsRPC - ok
13:42:57.0811 4676 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:42:57.0874 4676 mssmbios - ok
13:42:57.0889 4676 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:42:57.0936 4676 MSTEE - ok
13:42:57.0952 4676 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:42:57.0983 4676 MTConfig - ok
13:42:57.0999 4676 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:42:58.0030 4676 Mup - ok
13:42:58.0092 4676 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:42:58.0155 4676 napagent - ok
13:42:58.0233 4676 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:42:58.0311 4676 NativeWifiP - ok
13:42:58.0342 4676 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:42:58.0420 4676 NDIS - ok
13:42:58.0452 4676 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:58.0483 4676 NdisCap - ok
13:42:58.0514 4676 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:58.0561 4676 NdisTapi - ok
13:42:58.0592 4676 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:58.0655 4676 Ndisuio - ok
13:42:58.0670 4676 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:58.0717 4676 NdisWan - ok
13:42:58.0733 4676 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:42:58.0780 4676 NDProxy - ok
13:42:58.0795 4676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:42:58.0827 4676 NetBIOS - ok
13:42:58.0842 4676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:42:58.0905 4676 NetBT - ok
13:42:58.0952 4676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:42:58.0952 4676 Netlogon - ok
13:42:59.0030 4676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:42:59.0124 4676 Netman - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0170 4676 NetMsmqActivator - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0186 4676 NetPipeActivator - ok
13:42:59.0233 4676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:42:59.0280 4676 netprofm - ok
13:42:59.0280 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0280 4676 NetTcpActivator - ok
13:42:59.0311 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0311 4676 NetTcpPortSharing - ok
13:42:59.0327 4676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:42:59.0374 4676 nfrd960 - ok
13:42:59.0420 4676 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:42:59.0499 4676 NlaSvc - ok
13:42:59.0530 4676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:42:59.0577 4676 Npfs - ok
13:42:59.0592 4676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:42:59.0624 4676 nsi - ok
13:42:59.0624 4676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:42:59.0655 4676 nsiproxy - ok
13:42:59.0733 4676 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:42:59.0858 4676 Ntfs - ok
13:42:59.0889 4676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:42:59.0920 4676 Null - ok
13:42:59.0967 4676 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
13:43:00.0077 4676 NVENETFD - ok
13:43:00.0342 4676 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:43:01.0217 4676 nvlddmkm - ok
13:43:01.0249 4676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:43:01.0327 4676 nvraid - ok
13:43:01.0358 4676 [ 6F2D9D7F339F0C9EF358793F92BA3393 ] nvrd64 C:\Windows\system32\DRIVERS\nvrd64.sys
13:43:01.0358 4676 nvrd64 - ok
13:43:01.0389 4676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:43:01.0452 4676 nvstor - ok
13:43:01.0483 4676 [ A1578751D32B2CED76DCA2B20C2B22A5 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
13:43:01.0514 4676 nvstor64 - ok
13:43:01.0577 4676 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:43:01.0577 4676 nvsvc - ok
13:43:01.0670 4676 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:43:01.0858 4676 nvUpdatusService - ok
13:43:01.0920 4676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:43:02.0014 4676 nv_agp - ok
13:43:02.0092 4676 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:43:02.0092 4676 odserv - ok
13:43:02.0108 4676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:43:02.0139 4676 ohci1394 - ok
13:43:02.0170 4676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:43:02.0170 4676 ose - ok
13:43:02.0217 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:43:02.0264 4676 p2pimsvc - ok
13:43:02.0295 4676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:43:02.0405 4676 p2psvc - ok
13:43:02.0420 4676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:43:02.0467 4676 Parport - ok
13:43:02.0499 4676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:43:02.0545 4676 partmgr - ok
13:43:02.0577 4676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:43:02.0655 4676 PcaSvc - ok
13:43:02.0670 4676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:43:02.0749 4676 pci - ok
13:43:02.0764 4676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:43:02.0780 4676 pciide - ok
13:43:02.0811 4676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:43:02.0952 4676 pcmcia - ok
13:43:02.0967 4676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:43:03.0014 4676 pcw - ok
13:43:03.0045 4676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:43:03.0108 4676 PEAUTH - ok
13:43:03.0155 4676 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:43:03.0264 4676 PeerDistSvc - ok
13:43:03.0342 4676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:43:03.0342 4676 PerfHost - ok
13:43:03.0389 4676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:43:03.0514 4676 pla - ok
13:43:03.0561 4676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:43:03.0608 4676 PlugPlay - ok
13:43:03.0639 4676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:43:03.0655 4676 PNRPAutoReg - ok
13:43:03.0655 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:43:03.0670 4676 PNRPsvc - ok
13:43:03.0670 4676 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:43:03.0702 4676 Point64 - ok
13:43:03.0764 4676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:43:03.0874 4676 PolicyAgent - ok
13:43:03.0905 4676 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:43:03.0967 4676 Power - ok
13:43:03.0983 4676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:43:04.0045 4676 PptpMiniport - ok
13:43:04.0061 4676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:43:04.0092 4676 Processor - ok
13:43:04.0139 4676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:43:04.0186 4676 ProfSvc - ok
13:43:04.0202 4676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:43:04.0202 4676 ProtectedStorage - ok
13:43:04.0217 4676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:43:04.0264 4676 Psched - ok
13:43:04.0295 4676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:43:04.0420 4676 ql2300 - ok
13:43:04.0452 4676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:43:04.0499 4676 ql40xx - ok
13:43:04.0530 4676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:43:04.0592 4676 QWAVE - ok
13:43:04.0624 4676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:43:04.0655 4676 QWAVEdrv - ok
13:43:04.0670 4676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:43:04.0702 4676 RasAcd - ok
13:43:04.0733 4676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:04.0764 4676 RasAgileVpn - ok
13:43:04.0795 4676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:43:04.0827 4676 RasAuto - ok
13:43:04.0858 4676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:04.0905 4676 Rasl2tp - ok
13:43:04.0936 4676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:43:04.0983 4676 RasMan - ok
13:43:04.0999 4676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:05.0670 4676 RasPppoe - ok
13:43:05.0717 4676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:43:05.0827 4676 RasSstp - ok
13:43:05.0858 4676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:43:05.0905 4676 rdbss - ok
13:43:05.0920 4676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:43:05.0967 4676 rdpbus - ok
13:43:05.0983 4676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:06.0014 4676 RDPCDD - ok
13:43:06.0030 4676 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:43:06.0092 4676 RDPDR - ok
13:43:06.0124 4676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:43:06.0186 4676 RDPENCDD - ok
13:43:06.0202 4676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:43:06.0233 4676 RDPREFMP - ok
13:43:06.0264 4676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:43:06.0311 4676 RDPWD - ok
13:43:06.0342 4676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:43:06.0389 4676 rdyboost - ok
13:43:06.0420 4676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:43:06.0452 4676 RemoteAccess - ok
13:43:06.0483 4676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:43:06.0514 4676 RemoteRegistry - ok
13:43:06.0530 4676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:43:06.0545 4676 RpcEptMapper - ok
13:43:06.0577 4676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:43:06.0592 4676 RpcLocator - ok
13:43:06.0624 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:43:06.0639 4676 RpcSs - ok
13:43:06.0655 4676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:43:06.0686 4676 rspndr - ok
13:43:06.0717 4676 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:43:06.0749 4676 s3cap - ok
13:43:06.0764 4676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:43:06.0764 4676 SamSs - ok
13:43:06.0936 4676 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys
13:43:06.0936 4676 SANDRA - ok
13:43:06.0967 4676 [ 0FBDF70E3A8623732EFCDB9E56E79550 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
13:43:06.0967 4676 SandraAgentSrv - ok
13:43:06.0999 4676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:43:07.0061 4676 sbp2port - ok
13:43:07.0077 4676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:43:07.0124 4676 SCardSvr - ok
13:43:07.0139 4676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:43:07.0186 4676 scfilter - ok
13:43:07.0217 4676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:43:07.0311 4676 Schedule - ok
13:43:07.0342 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:43:07.0342 4676 SCPolicySvc - ok
13:43:07.0342 4676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:43:07.0374 4676 SDRSVC - ok
13:43:07.0389 4676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:43:07.0436 4676 secdrv - ok
13:43:07.0452 4676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:43:07.0467 4676 seclogon - ok
13:43:07.0499 4676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:43:07.0577 4676 SENS - ok
13:43:07.0592 4676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:43:07.0624 4676 SensrSvc - ok
13:43:07.0686 4676 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
13:43:07.0780 4676 Sentinel64 - ok
13:43:07.0795 4676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
13:43:07.0842 4676 Serenum - ok
13:43:07.0858 4676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
13:43:07.0920 4676 Serial - ok
13:43:07.0967 4676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:43:08.0045 4676 sermouse - ok
13:43:08.0092 4676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:43:08.0124 4676 SessionEnv - ok
13:43:08.0139 4676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:43:08.0170 4676 sffdisk - ok
13:43:08.0202 4676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:43:08.0249 4676 sffp_mmc - ok
13:43:08.0249 4676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:43:08.0264 4676 sffp_sd - ok
13:43:08.0295 4676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:43:08.0342 4676 sfloppy - ok
13:43:08.0358 4676 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:43:08.0420 4676 SharedAccess - ok
13:43:08.0436 4676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:43:08.0483 4676 ShellHWDetection - ok
13:43:08.0499 4676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:43:08.0545 4676 SiSRaid2 - ok
13:43:08.0577 4676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:43:08.0624 4676 SiSRaid4 - ok
13:43:08.0905 4676 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:43:08.0920 4676 Skype C2C Service - ok
13:43:09.0014 4676 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:09.0014 4676 SkypeUpdate - ok
13:43:09.0030 4676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:43:09.0077 4676 Smb - ok
13:43:09.0108 4676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:43:09.0139 4676 SNMPTRAP - ok
13:43:09.0170 4676 [ BAECAF8945218EC7390BFE2277406354 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
13:43:09.0202 4676 SNTUSB64 - ok
13:43:09.0233 4676 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
13:43:09.0264 4676 speedfan - ok
13:43:09.0280 4676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:43:09.0327 4676 spldr - ok
13:43:09.0389 4676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:43:09.0499 4676 Spooler - ok
13:43:09.0561 4676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:43:09.0780 4676 sppsvc - ok
13:43:09.0795 4676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:43:09.0827 4676 sppuinotify - ok
13:43:09.0874 4676 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
13:43:09.0874 4676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
13:43:09.0874 4676 sptd ( LockedFile.Multi.Generic ) - warning
13:43:09.0874 4676 sptd - detected LockedFile.Multi.Generic (1)
13:43:17.0577 4676 WIMMount - ok
13:43:17.0608 4676 WinDefend - ok
13:43:17.0624 4676 WinHttpAutoProxySvc - ok
13:43:17.0670 4676 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:43:17.0702 4676 Winmgmt - ok
13:43:17.0780 4676 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:43:17.0999 4676 WinRM - ok
13:43:18.0030 4676 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:43:18.0061 4676 WinUsb - ok
13:43:18.0108 4676 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:43:18.0202 4676 Wlansvc - ok
13:43:18.0264 4676 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:18.0264 4676 wlcrasvc - ok
13:43:18.0436 4676 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:18.0452 4676 wlidsvc - ok
13:43:18.0499 4676 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:43:18.0530 4676 WmiAcpi - ok
13:43:18.0561 4676 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:43:18.0592 4676 wmiApSrv - ok
13:43:18.0608 4676 WMPNetworkSvc - ok
13:43:18.0624 4676 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:43:18.0655 4676 WPCSvc - ok
13:43:18.0670 4676 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:43:18.0702 4676 WPDBusEnum - ok
13:43:18.0702 4676 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:43:18.0733 4676 ws2ifsl - ok
13:43:18.0749 4676 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:43:18.0780 4676 wscsvc - ok
13:43:18.0780 4676 WSearch - ok
13:43:18.0874 4676 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:43:19.0124 4676 wuauserv - ok
13:43:19.0155 4676 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:43:19.0202 4676 WudfPf - ok
13:43:19.0217 4676 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:19.0280 4676 WUDFRd - ok
13:43:19.0295 4676 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:43:19.0374 4676 wudfsvc - ok
13:43:19.0405 4676 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:43:19.0467 4676 WwanSvc - ok
13:43:19.0467 4676 ================ Scan global ===============================
13:43:19.0499 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:43:19.0561 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0624 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0639 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:43:19.0702 4676 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:43:19.0702 4676 [Global] - ok
13:43:19.0702 4676 ================ Scan MBR ==================================
13:43:19.0733 4676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:43:19.0983 4676 \Device\Harddisk0\DR0 - ok
13:43:19.0983 4676 ================ Scan VBR ==================================
13:43:20.0030 4676 [ 6B2F7788391DF0A3C0195D477E73D08D ] \Device\Harddisk0\DR0\Partition1
13:43:20.0030 4676 \Device\Harddisk0\DR0\Partition1 - ok
13:43:20.0061 4676 [ CCD2DAB5652F45B6A844CC57ED66382B ] \Device\Harddisk0\DR0\Partition2
13:43:20.0077 4676 \Device\Harddisk0\DR0\Partition2 - ok
13:43:20.0092 4676 [ E7287CA5A931B3A528B8D84C452DB15A ] \Device\Harddisk0\DR0\Partition3
13:43:20.0124 4676 \Device\Harddisk0\DR0\Partition3 - ok
13:43:20.0155 4676 [ 914F1BD2D5C0D31D3C839D3B1B92B285 ] \Device\Harddisk0\DR0\Partition4
13:43:20.0170 4676 \Device\Harddisk0\DR0\Partition4 - ok
13:43:20.0170 4676 ============================================================
13:43:20.0170 4676 Scan finished
13:43:20.0170 4676 ============================================================
13:43:20.0186 3652 Detected object count: 1
13:43:20.0186 3652 Actual detected object count: 1
13:44:53.0106 3652 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
13:44:53.0168 3652 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
Thanks for now,
stp
Re: Trojan horse Ponmocup.AA
Hello,
I ran TDSSKiller; the log is below:
13:42:36.0045 3692 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:42:36.0202 3692 ============================================================
13:42:36.0202 3692 Current date / time: 2012/09/10 13:42:36.0202
13:42:36.0202 3692 SystemInfo:
13:42:36.0202 3692
13:42:36.0202 3692 OS Version: 6.1.7601 ServicePack: 1.0
13:42:36.0202 3692 Product type: Workstation
13:42:36.0202 3692 ComputerName: STP
13:42:36.0202 3692 UserName: steepee
13:42:36.0202 3692 Windows directory: C:\Windows
13:42:36.0202 3692 System windows directory: C:\Windows
13:42:36.0202 3692 Running under WOW64
13:42:36.0202 3692 Processor architecture: Intel x64
13:42:36.0202 3692 Number of processors: 2
13:42:36.0202 3692 Page size: 0x1000
13:42:36.0202 3692 Boot type: Normal boot
13:42:36.0202 3692 ============================================================
13:42:37.0717 3692 Drive \Device\Harddisk0\DR0 - Size: 0x15D50E50000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:37.0733 3692 ============================================================
13:42:37.0733 3692 \Device\Harddisk0\DR0:
13:42:37.0733 3692 MBR partitions:
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249BD800
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0000, BlocksNum 0x4F588000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x73F78000, BlocksNum 0x3AB0E800
13:42:37.0733 3692 ============================================================
13:42:37.0764 3692 C: <-> \Device\Harddisk0\DR0\Partition2
13:42:37.0811 3692 D: <-> \Device\Harddisk0\DR0\Partition3
13:42:37.0874 3692 E: <-> \Device\Harddisk0\DR0\Partition4
13:42:37.0874 3692 ============================================================
13:42:37.0874 3692 Initialize success
13:42:37.0874 3692 ============================================================
13:42:40.0874 4676 ============================================================
13:42:40.0874 4676 Scan started
13:42:40.0874 4676 Mode: Manual;
13:42:40.0874 4676 ============================================================
13:42:42.0264 4676 ================ Scan system memory ========================
13:42:42.0264 4676 System memory - ok
13:42:42.0264 4676 ================ Scan services =============================
13:42:57.0655 4676 MSPCLOCK - ok
13:42:57.0670 4676 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:42:57.0717 4676 MSPQM - ok
13:42:57.0733 4676 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:42:57.0795 4676 MsRPC - ok
13:42:57.0811 4676 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:42:57.0874 4676 mssmbios - ok
13:42:57.0889 4676 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:42:57.0936 4676 MSTEE - ok
13:42:57.0952 4676 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:42:57.0983 4676 MTConfig - ok
13:42:57.0999 4676 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:42:58.0030 4676 Mup - ok
13:42:58.0092 4676 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:42:58.0155 4676 napagent - ok
13:42:58.0233 4676 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:42:58.0311 4676 NativeWifiP - ok
13:42:58.0342 4676 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:42:58.0420 4676 NDIS - ok
13:42:58.0452 4676 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:58.0483 4676 NdisCap - ok
13:42:58.0514 4676 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:58.0561 4676 NdisTapi - ok
13:42:58.0592 4676 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:58.0655 4676 Ndisuio - ok
13:42:58.0670 4676 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:58.0717 4676 NdisWan - ok
13:42:58.0733 4676 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:42:58.0780 4676 NDProxy - ok
13:42:58.0795 4676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:42:58.0827 4676 NetBIOS - ok
13:42:58.0842 4676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:42:58.0905 4676 NetBT - ok
13:42:58.0952 4676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:42:58.0952 4676 Netlogon - ok
13:42:59.0030 4676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:42:59.0124 4676 Netman - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0170 4676 NetMsmqActivator - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0186 4676 NetPipeActivator - ok
13:42:59.0233 4676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:42:59.0280 4676 netprofm - ok
13:42:59.0280 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0280 4676 NetTcpActivator - ok
13:42:59.0311 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0311 4676 NetTcpPortSharing - ok
13:42:59.0327 4676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:42:59.0374 4676 nfrd960 - ok
13:42:59.0420 4676 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:42:59.0499 4676 NlaSvc - ok
13:42:59.0530 4676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:42:59.0577 4676 Npfs - ok
13:42:59.0592 4676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:42:59.0624 4676 nsi - ok
13:42:59.0624 4676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:42:59.0655 4676 nsiproxy - ok
13:42:59.0733 4676 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:42:59.0858 4676 Ntfs - ok
13:42:59.0889 4676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:42:59.0920 4676 Null - ok
13:42:59.0967 4676 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
13:43:00.0077 4676 NVENETFD - ok
13:43:00.0342 4676 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:43:01.0217 4676 nvlddmkm - ok
13:43:01.0249 4676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:43:01.0327 4676 nvraid - ok
13:43:01.0358 4676 [ 6F2D9D7F339F0C9EF358793F92BA3393 ] nvrd64 C:\Windows\system32\DRIVERS\nvrd64.sys
13:43:01.0358 4676 nvrd64 - ok
13:43:01.0389 4676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:43:01.0452 4676 nvstor - ok
13:43:01.0483 4676 [ A1578751D32B2CED76DCA2B20C2B22A5 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
13:43:01.0514 4676 nvstor64 - ok
13:43:01.0577 4676 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:43:01.0577 4676 nvsvc - ok
13:43:01.0670 4676 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:43:01.0858 4676 nvUpdatusService - ok
13:43:01.0920 4676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:43:02.0014 4676 nv_agp - ok
13:43:02.0092 4676 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:43:02.0092 4676 odserv - ok
13:43:02.0108 4676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:43:02.0139 4676 ohci1394 - ok
13:43:02.0170 4676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:43:02.0170 4676 ose - ok
13:43:02.0217 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:43:02.0264 4676 p2pimsvc - ok
13:43:02.0295 4676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:43:02.0405 4676 p2psvc - ok
13:43:02.0420 4676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:43:02.0467 4676 Parport - ok
13:43:02.0499 4676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:43:02.0545 4676 partmgr - ok
13:43:02.0577 4676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:43:02.0655 4676 PcaSvc - ok
13:43:02.0670 4676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:43:02.0749 4676 pci - ok
13:43:02.0764 4676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:43:02.0780 4676 pciide - ok
13:43:02.0811 4676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:43:02.0952 4676 pcmcia - ok
13:43:02.0967 4676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:43:03.0014 4676 pcw - ok
13:43:03.0045 4676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:43:03.0108 4676 PEAUTH - ok
13:43:03.0155 4676 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:43:03.0264 4676 PeerDistSvc - ok
13:43:03.0342 4676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:43:03.0342 4676 PerfHost - ok
13:43:03.0389 4676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:43:03.0514 4676 pla - ok
13:43:03.0561 4676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:43:03.0608 4676 PlugPlay - ok
13:43:03.0639 4676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:43:03.0655 4676 PNRPAutoReg - ok
13:43:03.0655 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:43:03.0670 4676 PNRPsvc - ok
13:43:03.0670 4676 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:43:03.0702 4676 Point64 - ok
13:43:03.0764 4676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:43:03.0874 4676 PolicyAgent - ok
13:43:03.0905 4676 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:43:03.0967 4676 Power - ok
13:43:03.0983 4676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:43:04.0045 4676 PptpMiniport - ok
13:43:04.0061 4676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:43:04.0092 4676 Processor - ok
13:43:04.0139 4676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:43:04.0186 4676 ProfSvc - ok
13:43:04.0202 4676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:43:04.0202 4676 ProtectedStorage - ok
13:43:04.0217 4676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:43:04.0264 4676 Psched - ok
13:43:04.0295 4676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:43:04.0420 4676 ql2300 - ok
13:43:04.0452 4676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:43:04.0499 4676 ql40xx - ok
13:43:04.0530 4676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:43:04.0592 4676 QWAVE - ok
13:43:04.0624 4676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:43:04.0655 4676 QWAVEdrv - ok
13:43:04.0670 4676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:43:04.0702 4676 RasAcd - ok
13:43:04.0733 4676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:04.0764 4676 RasAgileVpn - ok
13:43:04.0795 4676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:43:04.0827 4676 RasAuto - ok
13:43:04.0858 4676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:04.0905 4676 Rasl2tp - ok
13:43:04.0936 4676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:43:04.0983 4676 RasMan - ok
13:43:04.0999 4676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:05.0670 4676 RasPppoe - ok
13:43:05.0717 4676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:43:05.0827 4676 RasSstp - ok
13:43:05.0858 4676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:43:05.0905 4676 rdbss - ok
13:43:05.0920 4676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:43:05.0967 4676 rdpbus - ok
13:43:05.0983 4676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:06.0014 4676 RDPCDD - ok
13:43:06.0030 4676 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:43:06.0092 4676 RDPDR - ok
13:43:06.0124 4676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:43:06.0186 4676 RDPENCDD - ok
13:43:06.0202 4676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:43:06.0233 4676 RDPREFMP - ok
13:43:06.0264 4676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:43:06.0311 4676 RDPWD - ok
13:43:06.0342 4676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:43:06.0389 4676 rdyboost - ok
13:43:06.0420 4676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:43:06.0452 4676 RemoteAccess - ok
13:43:06.0483 4676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:43:06.0514 4676 RemoteRegistry - ok
13:43:06.0530 4676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:43:06.0545 4676 RpcEptMapper - ok
13:43:06.0577 4676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:43:06.0592 4676 RpcLocator - ok
13:43:06.0624 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:43:06.0639 4676 RpcSs - ok
13:43:06.0655 4676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:43:06.0686 4676 rspndr - ok
13:43:06.0717 4676 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:43:06.0749 4676 s3cap - ok
13:43:06.0764 4676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:43:06.0764 4676 SamSs - ok
13:43:06.0936 4676 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys
13:43:06.0936 4676 SANDRA - ok
13:43:06.0967 4676 [ 0FBDF70E3A8623732EFCDB9E56E79550 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
13:43:06.0967 4676 SandraAgentSrv - ok
13:43:06.0999 4676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:43:07.0061 4676 sbp2port - ok
13:43:07.0077 4676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:43:07.0124 4676 SCardSvr - ok
13:43:07.0139 4676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:43:07.0186 4676 scfilter - ok
13:43:07.0217 4676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:43:07.0311 4676 Schedule - ok
13:43:07.0342 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:43:07.0342 4676 SCPolicySvc - ok
13:43:07.0342 4676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:43:07.0374 4676 SDRSVC - ok
13:43:07.0389 4676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:43:07.0436 4676 secdrv - ok
13:43:07.0452 4676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:43:07.0467 4676 seclogon - ok
13:43:07.0499 4676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:43:07.0577 4676 SENS - ok
13:43:07.0592 4676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:43:07.0624 4676 SensrSvc - ok
13:43:07.0686 4676 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
13:43:07.0780 4676 Sentinel64 - ok
13:43:07.0795 4676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
13:43:07.0842 4676 Serenum - ok
13:43:07.0858 4676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
13:43:07.0920 4676 Serial - ok
13:43:07.0967 4676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:43:08.0045 4676 sermouse - ok
13:43:08.0092 4676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:43:08.0124 4676 SessionEnv - ok
13:43:08.0139 4676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:43:08.0170 4676 sffdisk - ok
13:43:08.0202 4676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:43:08.0249 4676 sffp_mmc - ok
13:43:08.0249 4676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:43:08.0264 4676 sffp_sd - ok
13:43:08.0295 4676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:43:08.0342 4676 sfloppy - ok
13:43:08.0358 4676 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:43:08.0420 4676 SharedAccess - ok
13:43:08.0436 4676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:43:08.0483 4676 ShellHWDetection - ok
13:43:08.0499 4676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:43:08.0545 4676 SiSRaid2 - ok
13:43:08.0577 4676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:43:08.0624 4676 SiSRaid4 - ok
13:43:08.0905 4676 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:43:08.0920 4676 Skype C2C Service - ok
13:43:09.0014 4676 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:09.0014 4676 SkypeUpdate - ok
13:43:09.0030 4676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:43:09.0077 4676 Smb - ok
13:43:09.0108 4676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:43:09.0139 4676 SNMPTRAP - ok
13:43:09.0170 4676 [ BAECAF8945218EC7390BFE2277406354 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
13:43:09.0202 4676 SNTUSB64 - ok
13:43:09.0233 4676 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
13:43:09.0264 4676 speedfan - ok
13:43:09.0280 4676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:43:09.0327 4676 spldr - ok
13:43:09.0389 4676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:43:09.0499 4676 Spooler - ok
13:43:09.0561 4676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:43:09.0780 4676 sppsvc - ok
13:43:09.0795 4676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:43:09.0827 4676 sppuinotify - ok
13:43:09.0874 4676 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
13:43:09.0874 4676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
13:43:09.0874 4676 sptd ( LockedFile.Multi.Generic ) - warning
13:43:09.0874 4676 sptd - detected LockedFile.Multi.Generic (1)
13:43:18.0780 4676 WSearch - ok
13:43:18.0874 4676 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:43:19.0124 4676 wuauserv - ok
13:43:19.0155 4676 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:43:19.0202 4676 WudfPf - ok
13:43:19.0217 4676 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:19.0280 4676 WUDFRd - ok
13:43:19.0295 4676 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:43:19.0374 4676 wudfsvc - ok
13:43:19.0405 4676 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:43:19.0467 4676 WwanSvc - ok
13:43:19.0467 4676 ================ Scan global ===============================
13:43:19.0499 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:43:19.0561 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0624 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0639 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:43:19.0702 4676 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:43:19.0702 4676 [Global] - ok
13:43:19.0702 4676 ================ Scan MBR ==================================
13:43:19.0733 4676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:43:19.0983 4676 \Device\Harddisk0\DR0 - ok
13:43:19.0983 4676 ================ Scan VBR ==================================
13:43:20.0030 4676 [ 6B2F7788391DF0A3C0195D477E73D08D ] \Device\Harddisk0\DR0\Partition1
13:43:20.0030 4676 \Device\Harddisk0\DR0\Partition1 - ok
13:43:20.0061 4676 [ CCD2DAB5652F45B6A844CC57ED66382B ] \Device\Harddisk0\DR0\Partition2
13:43:20.0077 4676 \Device\Harddisk0\DR0\Partition2 - ok
13:43:20.0092 4676 [ E7287CA5A931B3A528B8D84C452DB15A ] \Device\Harddisk0\DR0\Partition3
13:43:20.0124 4676 \Device\Harddisk0\DR0\Partition3 - ok
13:43:20.0155 4676 [ 914F1BD2D5C0D31D3C839D3B1B92B285 ] \Device\Harddisk0\DR0\Partition4
13:43:20.0170 4676 \Device\Harddisk0\DR0\Partition4 - ok
13:43:20.0170 4676 ============================================================
13:43:20.0170 4676 Scan finished
13:43:20.0170 4676 ============================================================
13:43:20.0186 3652 Detected object count: 1
13:43:20.0186 3652 Actual detected object count: 1
13:44:53.0106 3652 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
13:44:53.0168 3652 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
Thanks for now,
stp
I ran TDSSKiller; the log is below:
13:42:36.0045 3692 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:42:36.0202 3692 ============================================================
13:42:36.0202 3692 Current date / time: 2012/09/10 13:42:36.0202
13:42:36.0202 3692 SystemInfo:
13:42:36.0202 3692
13:42:36.0202 3692 OS Version: 6.1.7601 ServicePack: 1.0
13:42:36.0202 3692 Product type: Workstation
13:42:36.0202 3692 ComputerName: STP
13:42:36.0202 3692 UserName: steepee
13:42:36.0202 3692 Windows directory: C:\Windows
13:42:36.0202 3692 System windows directory: C:\Windows
13:42:36.0202 3692 Running under WOW64
13:42:36.0202 3692 Processor architecture: Intel x64
13:42:36.0202 3692 Number of processors: 2
13:42:36.0202 3692 Page size: 0x1000
13:42:36.0202 3692 Boot type: Normal boot
13:42:36.0202 3692 ============================================================
13:42:37.0717 3692 Drive \Device\Harddisk0\DR0 - Size: 0x15D50E50000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:37.0733 3692 ============================================================
13:42:37.0733 3692 \Device\Harddisk0\DR0:
13:42:37.0733 3692 MBR partitions:
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249BD800
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0000, BlocksNum 0x4F588000
13:42:37.0733 3692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x73F78000, BlocksNum 0x3AB0E800
13:42:37.0733 3692 ============================================================
13:42:37.0764 3692 C: <-> \Device\Harddisk0\DR0\Partition2
13:42:37.0811 3692 D: <-> \Device\Harddisk0\DR0\Partition3
13:42:37.0874 3692 E: <-> \Device\Harddisk0\DR0\Partition4
13:42:37.0874 3692 ============================================================
13:42:37.0874 3692 Initialize success
13:42:37.0874 3692 ============================================================
13:42:40.0874 4676 ============================================================
13:42:40.0874 4676 Scan started
13:42:40.0874 4676 Mode: Manual;
13:42:40.0874 4676 ============================================================
13:42:42.0264 4676 ================ Scan system memory ========================
13:42:42.0264 4676 System memory - ok
13:42:42.0264 4676 ================ Scan services =============================
13:42:58.0780 4676 NDProxy - ok
13:42:58.0795 4676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:42:58.0827 4676 NetBIOS - ok
13:42:58.0842 4676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:42:58.0905 4676 NetBT - ok
13:42:58.0952 4676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:42:58.0952 4676 Netlogon - ok
13:42:59.0030 4676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:42:59.0124 4676 Netman - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0170 4676 NetMsmqActivator - ok
13:42:59.0170 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0186 4676 NetPipeActivator - ok
13:42:59.0233 4676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:42:59.0280 4676 netprofm - ok
13:42:59.0280 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0280 4676 NetTcpActivator - ok
13:42:59.0311 4676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:59.0311 4676 NetTcpPortSharing - ok
13:42:59.0327 4676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:42:59.0374 4676 nfrd960 - ok
13:42:59.0420 4676 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:42:59.0499 4676 NlaSvc - ok
13:42:59.0530 4676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:42:59.0577 4676 Npfs - ok
13:42:59.0592 4676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:42:59.0624 4676 nsi - ok
13:42:59.0624 4676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:42:59.0655 4676 nsiproxy - ok
13:42:59.0733 4676 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:42:59.0858 4676 Ntfs - ok
13:42:59.0889 4676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:42:59.0920 4676 Null - ok
13:42:59.0967 4676 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
13:43:00.0077 4676 NVENETFD - ok
13:43:00.0342 4676 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:43:01.0217 4676 nvlddmkm - ok
13:43:01.0249 4676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:43:01.0327 4676 nvraid - ok
13:43:01.0358 4676 [ 6F2D9D7F339F0C9EF358793F92BA3393 ] nvrd64 C:\Windows\system32\DRIVERS\nvrd64.sys
13:43:01.0358 4676 nvrd64 - ok
13:43:01.0389 4676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:43:01.0452 4676 nvstor - ok
13:43:01.0483 4676 [ A1578751D32B2CED76DCA2B20C2B22A5 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
13:43:01.0514 4676 nvstor64 - ok
13:43:01.0577 4676 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:43:01.0577 4676 nvsvc - ok
13:43:01.0670 4676 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:43:01.0858 4676 nvUpdatusService - ok
13:43:01.0920 4676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:43:02.0014 4676 nv_agp - ok
13:43:02.0092 4676 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:43:02.0092 4676 odserv - ok
13:43:02.0108 4676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:43:02.0139 4676 ohci1394 - ok
13:43:02.0170 4676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:43:02.0170 4676 ose - ok
13:43:02.0217 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:43:02.0264 4676 p2pimsvc - ok
13:43:02.0295 4676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:43:02.0405 4676 p2psvc - ok
13:43:02.0420 4676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:43:02.0467 4676 Parport - ok
13:43:02.0499 4676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:43:02.0545 4676 partmgr - ok
13:43:02.0577 4676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:43:02.0655 4676 PcaSvc - ok
13:43:02.0670 4676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:43:02.0749 4676 pci - ok
13:43:02.0764 4676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:43:02.0780 4676 pciide - ok
13:43:02.0811 4676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:43:02.0952 4676 pcmcia - ok
13:43:02.0967 4676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:43:03.0014 4676 pcw - ok
13:43:03.0045 4676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:43:03.0108 4676 PEAUTH - ok
13:43:03.0155 4676 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:43:03.0264 4676 PeerDistSvc - ok
13:43:03.0342 4676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:43:03.0342 4676 PerfHost - ok
13:43:03.0389 4676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:43:03.0514 4676 pla - ok
13:43:03.0561 4676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:43:03.0608 4676 PlugPlay - ok
13:43:03.0639 4676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:43:03.0655 4676 PNRPAutoReg - ok
13:43:03.0655 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:43:03.0670 4676 PNRPsvc - ok
13:43:03.0670 4676 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:43:03.0702 4676 Point64 - ok
13:43:03.0764 4676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:43:03.0874 4676 PolicyAgent - ok
13:43:03.0905 4676 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:43:03.0967 4676 Power - ok
13:43:03.0983 4676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:43:04.0045 4676 PptpMiniport - ok
13:43:04.0061 4676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:43:04.0092 4676 Processor - ok
13:43:04.0139 4676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:43:04.0186 4676 ProfSvc - ok
13:43:04.0202 4676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:43:04.0202 4676 ProtectedStorage - ok
13:43:04.0217 4676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:43:04.0264 4676 Psched - ok
13:43:04.0295 4676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:43:04.0420 4676 ql2300 - ok
13:43:04.0452 4676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:43:04.0499 4676 ql40xx - ok
13:43:04.0530 4676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:43:04.0592 4676 QWAVE - ok
13:43:04.0624 4676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:43:04.0655 4676 QWAVEdrv - ok
13:43:04.0670 4676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:43:04.0702 4676 RasAcd - ok
13:43:04.0733 4676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:04.0764 4676 RasAgileVpn - ok
13:43:04.0795 4676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:43:04.0827 4676 RasAuto - ok
13:43:04.0858 4676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:04.0905 4676 Rasl2tp - ok
13:43:04.0936 4676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:43:04.0983 4676 RasMan - ok
13:43:04.0999 4676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:05.0670 4676 RasPppoe - ok
13:43:05.0717 4676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:43:05.0827 4676 RasSstp - ok
13:43:05.0858 4676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:43:05.0905 4676 rdbss - ok
13:43:05.0920 4676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:43:05.0967 4676 rdpbus - ok
13:43:05.0983 4676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:06.0014 4676 RDPCDD - ok
13:43:06.0030 4676 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:43:06.0092 4676 RDPDR - ok
13:43:06.0124 4676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:43:06.0186 4676 RDPENCDD - ok
13:43:06.0202 4676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:43:06.0233 4676 RDPREFMP - ok
13:43:06.0264 4676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:43:06.0311 4676 RDPWD - ok
13:43:06.0342 4676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:43:06.0389 4676 rdyboost - ok
13:43:06.0420 4676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:43:06.0452 4676 RemoteAccess - ok
13:43:06.0483 4676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:43:06.0514 4676 RemoteRegistry - ok
13:43:06.0530 4676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:43:06.0545 4676 RpcEptMapper - ok
13:43:06.0577 4676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:43:06.0592 4676 RpcLocator - ok
13:43:06.0624 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:43:06.0639 4676 RpcSs - ok
13:43:06.0655 4676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:43:06.0686 4676 rspndr - ok
13:43:06.0717 4676 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:43:06.0749 4676 s3cap - ok
13:43:06.0764 4676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:43:06.0764 4676 SamSs - ok
13:43:06.0936 4676 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys
13:43:06.0936 4676 SANDRA - ok
13:43:06.0967 4676 [ 0FBDF70E3A8623732EFCDB9E56E79550 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
13:43:06.0967 4676 SandraAgentSrv - ok
13:43:06.0999 4676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:43:07.0061 4676 sbp2port - ok
13:43:07.0077 4676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:43:07.0124 4676 SCardSvr - ok
13:43:07.0139 4676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:43:07.0186 4676 scfilter - ok
13:43:07.0217 4676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:43:07.0311 4676 Schedule - ok
13:43:07.0342 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:43:07.0342 4676 SCPolicySvc - ok
13:43:07.0342 4676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:43:07.0374 4676 SDRSVC - ok
13:43:07.0389 4676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:43:07.0436 4676 secdrv - ok
13:43:07.0452 4676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:43:07.0467 4676 seclogon - ok
13:43:07.0499 4676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:43:07.0577 4676 SENS - ok
13:43:07.0592 4676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:43:07.0624 4676 SensrSvc - ok
13:43:07.0686 4676 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
13:43:07.0780 4676 Sentinel64 - ok
13:43:07.0795 4676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
13:43:07.0842 4676 Serenum - ok
13:43:07.0858 4676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
13:43:07.0920 4676 Serial - ok
13:43:07.0967 4676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:43:08.0045 4676 sermouse - ok
13:43:08.0092 4676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:43:08.0124 4676 SessionEnv - ok
13:43:08.0139 4676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:43:08.0170 4676 sffdisk - ok
13:43:08.0202 4676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:43:08.0249 4676 sffp_mmc - ok
13:43:08.0249 4676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:43:08.0264 4676 sffp_sd - ok
13:43:08.0295 4676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:43:08.0342 4676 sfloppy - ok
13:43:08.0358 4676 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:43:08.0420 4676 SharedAccess - ok
13:43:08.0436 4676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:43:08.0483 4676 ShellHWDetection - ok
13:43:08.0499 4676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:43:08.0545 4676 SiSRaid2 - ok
13:43:08.0577 4676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:43:08.0624 4676 SiSRaid4 - ok
13:43:08.0905 4676 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:43:08.0920 4676 Skype C2C Service - ok
13:43:09.0014 4676 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:09.0014 4676 SkypeUpdate - ok
13:43:09.0030 4676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:43:09.0077 4676 Smb - ok
13:43:09.0108 4676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:43:09.0139 4676 SNMPTRAP - ok
13:43:09.0170 4676 [ BAECAF8945218EC7390BFE2277406354 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
13:43:09.0202 4676 SNTUSB64 - ok
13:43:09.0233 4676 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
13:43:09.0264 4676 speedfan - ok
13:43:09.0280 4676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:43:09.0327 4676 spldr - ok
13:43:09.0389 4676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:43:09.0499 4676 Spooler - ok
13:43:09.0561 4676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:43:09.0780 4676 sppsvc - ok
13:43:09.0795 4676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:43:09.0827 4676 sppuinotify - ok
13:43:09.0874 4676 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
13:43:09.0874 4676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
13:43:09.0874 4676 sptd ( LockedFile.Multi.Generic ) - warning
13:43:09.0874 4676 sptd - detected LockedFile.Multi.Generic (1)
13:43:09.0905 4676 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:43:09.0999 4676 srv - ok
13:43:10.0014 4676 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:43:10.0077 4676 srv2 - ok
13:43:10.0108 4676 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:43:10.0139 4676 srvnet - ok
13:43:10.0170 4676 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:43:10.0217 4676 SSDPSRV - ok
13:43:10.0233 4676 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:43:10.0264 4676 SstpSvc - ok
13:43:10.0295 4676 [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
13:43:10.0327 4676 ss_bus - ok
13:43:10.0358 4676 [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
13:43:10.0374 4676 ss_mdfl - ok
13:43:10.0389 4676 [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
13:43:10.0420 4676 ss_mdm - ok
13:43:10.0545 4676 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:43:10.0561 4676 Stereo Service - ok
13:43:10.0592 4676 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:43:10.0655 4676 stexstor - ok
13:43:10.0686 4676 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:43:10.0795 4676 stisvc - ok
13:43:10.0842 4676 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:43:10.0874 4676 storflt - ok
13:43:10.0905 4676 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
13:43:10.0936 4676 StorSvc - ok
13:43:10.0952 4676 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:43:10.0983 4676 storvsc - ok
13:43:10.0999 4676 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:43:11.0030 4676 swenum - ok
13:43:11.0155 4676 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:43:11.0155 4676 SwitchBoard - ok
13:43:11.0202 4676 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:43:11.0280 4676 swprv - ok
13:43:11.0327 4676 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:43:11.0452 4676 SysMain - ok
13:43:11.0483 4676 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:43:11.0530 4676 TabletInputService - ok
13:43:11.0577 4676 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:43:11.0670 4676 TapiSrv - ok
13:43:11.0717 4676 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:43:11.0780 4676 TBS - ok
13:43:11.0936 4676 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:43:12.0202 4676 Tcpip - ok
13:43:12.0233 4676 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:43:12.0249 4676 TCPIP6 - ok
13:43:12.0280 4676 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:43:12.0311 4676 tcpipreg - ok
13:43:12.0342 4676 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:43:12.0374 4676 TDPIPE - ok
13:43:12.0405 4676 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:43:12.0436 4676 TDTCP - ok
13:43:12.0452 4676 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:43:12.0499 4676 tdx - ok
13:43:12.0592 4676 [ E449211A88BBF6B734DE39140BAF3389 ] Tekla Structures Licensing Service C:\TeklaStructures\License\Server\lmgrd.exe
13:43:12.0624 4676 Tekla Structures Licensing Service - ok
13:43:12.0639 4676 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:43:12.0686 4676 TermDD - ok
13:43:12.0717 4676 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:43:12.0811 4676 TermService - ok
13:43:12.0827 4676 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:43:12.0874 4676 Themes - ok
13:43:12.0889 4676 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:43:12.0905 4676 THREADORDER - ok
13:43:12.0936 4676 [ 83682F469A3D65E8B6F06C28212318BD ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
13:43:12.0952 4676 TomTomHOMEService - ok
13:43:12.0952 4676 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:43:12.0983 4676 TrkWks - ok
13:43:13.0014 4676 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:43:13.0030 4676 TrustedInstaller - ok
13:43:13.0045 4676 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:43:13.0061 4676 tssecsrv - ok
13:43:13.0092 4676 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:43:13.0202 4676 TsUsbFlt - ok
13:43:13.0217 4676 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:43:13.0249 4676 TsUsbGD - ok
13:43:13.0280 4676 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:43:13.0327 4676 tunnel - ok
13:43:13.0358 4676 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:43:13.0389 4676 uagp35 - ok
13:43:13.0420 4676 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:43:13.0467 4676 udfs - ok
13:43:13.0483 4676 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:43:13.0514 4676 UI0Detect - ok
13:43:13.0545 4676 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:43:13.0592 4676 uliagpkx - ok
13:43:13.0624 4676 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:43:13.0733 4676 umbus - ok
13:43:13.0749 4676 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
13:43:13.0858 4676 UmPass - ok
13:43:13.0920 4676 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:43:13.0999 4676 UmRdpService - ok
13:43:14.0030 4676 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:43:14.0092 4676 upnphost - ok
13:43:14.0124 4676 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:43:14.0170 4676 USBAAPL64 - ok
13:43:14.0186 4676 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
13:43:14.0233 4676 usbccgp - ok
13:43:14.0264 4676 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:43:14.0327 4676 usbcir - ok
13:43:14.0358 4676 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:43:14.0436 4676 usbehci - ok
13:43:14.0467 4676 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:43:14.0530 4676 usbhub - ok
13:43:14.0545 4676 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:43:14.0577 4676 usbohci - ok
13:43:14.0592 4676 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:43:14.0624 4676 usbprint - ok
13:43:14.0670 4676 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:43:14.0702 4676 usbscan - ok
13:43:14.0717 4676 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:43:14.0764 4676 USBSTOR - ok
13:43:14.0795 4676 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:43:14.0858 4676 usbuhci - ok
13:43:14.0889 4676 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:43:14.0952 4676 UxSms - ok
13:43:14.0983 4676 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:43:14.0983 4676 VaultSvc - ok
13:43:14.0999 4676 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:43:15.0077 4676 vdrvroot - ok
13:43:15.0108 4676 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:43:15.0186 4676 vds - ok
13:43:15.0217 4676 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:43:15.0249 4676 vga - ok
13:43:15.0249 4676 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:43:15.0295 4676 VgaSave - ok
13:43:15.0311 4676 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:43:15.0358 4676 vhdmp - ok
13:43:15.0374 4676 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:43:15.0405 4676 viaide - ok
13:43:15.0420 4676 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:43:15.0499 4676 vmbus - ok
13:43:15.0514 4676 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:43:15.0545 4676 VMBusHID - ok
13:43:15.0561 4676 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:43:15.0608 4676 volmgr - ok
13:43:15.0655 4676 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:43:15.0702 4676 volmgrx - ok
13:43:15.0702 4676 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:43:15.0764 4676 volsnap - ok
13:43:15.0780 4676 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:43:15.0889 4676 vsmraid - ok
13:43:15.0967 4676 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:43:16.0124 4676 VSS - ok
13:43:16.0139 4676 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:43:16.0186 4676 vwifibus - ok
13:43:16.0217 4676 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:43:16.0264 4676 W32Time - ok
13:43:16.0280 4676 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:43:16.0311 4676 WacomPen - ok
13:43:16.0358 4676 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:43:16.0436 4676 WANARP - ok
13:43:16.0452 4676 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:43:16.0452 4676 Wanarpv6 - ok
13:43:16.0514 4676 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:43:16.0639 4676 WatAdminSvc - ok
13:43:16.0686 4676 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:43:16.0827 4676 wbengine - ok
13:43:16.0842 4676 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:43:16.0889 4676 WbioSrvc - ok
13:43:16.0920 4676 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:43:16.0983 4676 wcncsvc - ok
13:43:16.0999 4676 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:43:17.0030 4676 WcsPlugInService - ok
13:43:17.0030 4676 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
13:43:17.0061 4676 Wd - ok
13:43:17.0092 4676 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:43:17.0139 4676 Wdf01000 - ok
13:43:17.0155 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:43:17.0186 4676 WdiServiceHost - ok
13:43:17.0186 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:43:17.0186 4676 WdiSystemHost - ok
13:43:17.0202 4676 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:43:17.0249 4676 WebClient - ok
13:43:17.0264 4676 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:43:17.0389 4676 Wecsvc - ok
13:43:17.0405 4676 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:43:17.0436 4676 wercplsupport - ok
13:43:17.0452 4676 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:43:17.0452 4676 WerSvc - ok
13:43:17.0467 4676 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:17.0499 4676 WfpLwf - ok
13:43:17.0514 4676 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:43:17.0577 4676 WIMMount - ok
13:43:17.0608 4676 WinDefend - ok
13:43:17.0624 4676 WinHttpAutoProxySvc - ok
13:43:17.0670 4676 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:43:17.0702 4676 Winmgmt - ok
13:43:17.0780 4676 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:43:17.0999 4676 WinRM - ok
13:43:18.0030 4676 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:43:18.0061 4676 WinUsb - ok
13:43:18.0108 4676 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:43:18.0202 4676 Wlansvc - ok
13:43:18.0264 4676 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:18.0264 4676 wlcrasvc - ok
13:43:18.0436 4676 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:18.0452 4676 wlidsvc - ok
13:43:18.0499 4676 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:43:18.0530 4676 WmiAcpi - ok
13:43:18.0561 4676 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:43:18.0592 4676 wmiApSrv - ok
13:43:18.0608 4676 WMPNetworkSvc - ok
13:43:18.0624 4676 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:43:18.0655 4676 WPCSvc - ok
13:43:18.0670 4676 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:43:18.0702 4676 WPDBusEnum - ok
13:43:18.0702 4676 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:43:18.0733 4676 ws2ifsl - ok
13:43:18.0749 4676 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:43:18.0780 4676 wscsvc - ok
13:43:18.0780 4676 WSearch - ok
13:43:18.0874 4676 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:43:19.0124 4676 wuauserv - ok
13:43:19.0155 4676 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:43:19.0202 4676 WudfPf - ok
13:43:19.0217 4676 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:19.0280 4676 WUDFRd - ok
13:43:19.0295 4676 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:43:19.0374 4676 wudfsvc - ok
13:43:19.0405 4676 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:43:19.0467 4676 WwanSvc - ok
13:43:19.0467 4676 ================ Scan global ===============================
13:43:19.0499 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:43:19.0561 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0624 4676 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:43:19.0639 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:43:19.0702 4676 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:43:19.0702 4676 [Global] - ok
13:43:19.0702 4676 ================ Scan MBR ==================================
13:43:19.0733 4676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:43:19.0983 4676 \Device\Harddisk0\DR0 - ok
13:43:19.0983 4676 ================ Scan VBR ==================================
13:43:20.0030 4676 [ 6B2F7788391DF0A3C0195D477E73D08D ] \Device\Harddisk0\DR0\Partition1
13:43:20.0030 4676 \Device\Harddisk0\DR0\Partition1 - ok
13:43:20.0061 4676 [ CCD2DAB5652F45B6A844CC57ED66382B ] \Device\Harddisk0\DR0\Partition2
13:43:20.0077 4676 \Device\Harddisk0\DR0\Partition2 - ok
13:43:20.0092 4676 [ E7287CA5A931B3A528B8D84C452DB15A ] \Device\Harddisk0\DR0\Partition3
13:43:20.0124 4676 \Device\Harddisk0\DR0\Partition3 - ok
13:43:20.0155 4676 [ 914F1BD2D5C0D31D3C839D3B1B92B285 ] \Device\Harddisk0\DR0\Partition4
13:43:20.0170 4676 \Device\Harddisk0\DR0\Partition4 - ok
13:43:20.0170 4676 ============================================================
13:43:20.0170 4676 Scan finished
13:43:20.0170 4676 ============================================================
13:43:20.0186 3652 Detected object count: 1
13:43:20.0186 3652 Actual detected object count: 1
13:44:53.0106 3652 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
13:44:53.0168 3652 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
Thanks for now
stp
Re: Trojan horse Ponmocup.AA
It's OK.
Uninstall ComboFix via Start - Run
- copy into the box:
ComboFix /Uninstall
- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.
***********
Download T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
- Run it; to confirm each choice, press the A key, then Enter
- after use, delete the little program. Note: antivirus programs may falsely flag it as a virus
***********
Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation
Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner
Registry tab
- click Scan for Issues
- then click Fix selected issues -- backing up the registry: you don't have to
- click Fix all issues
OK
Close
Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.
CCleaner: I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans up the registry, for example after uninstalling a program.
***********
Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used
***********
Post a new RSIT log and tell me how the computer is behaving. Is everything OK now?

Do not use COMBOFIX without a recommendation from an adviser; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: Trojan horse Ponmocup.AA
Hello,
I applied the steps above. I'm attaching the log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by steepee at 2012-09-10 21:14:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 240 GB (80%) free of 300 GB
Total RAM: 4096 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:32, on 10.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Flexlm\lmgrd.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Flexlm\SCIA.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\steepee.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - Startup: SCIA.lnk = C:\Program Files (x86)\SCIA\SCIA.bat
O4 - Startup: TOTALCMD64.lnk = C:\Program Files\totalcmd\TOTALCMD64.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} (Web Viewer Class) - file:///C:/Temp/KOLIN_10102011/dll/zkitlib.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Tekla Structures Licensing Service - Acresso Software Inc. - C:\TeklaStructures\License\Server\lmgrd.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10837 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\TeklaStructures\License\Server\lmgrd.exe
"C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
\??\C:\Windows\system32\conhost.exe "-180020577-1617363841-2027874229-1832011817-581973546-1749776390-7153421761108122402
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\TeklaStructures\License\Server\lmgrd.exe" -c "C:\TeklaStructures\License\Server\tekla.lic" -l "+C:\TeklaStructures\License\Server\tekla_debug.log" -z
C:\Windows\System32\svchost.exe -k secsvcs
tekla.exe -T localhost 11.7 -1 -c "C:\TeklaStructures\License\Server\tekla.lic" -lmgrd_port 6978 --lmgrd_start 504e3bc4 -l "C:\TeklaStructures\License\Server\tekla_debug.log"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
lmgrd -c C:\Flexlm\license.dat -l log.txt -z2
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
SCIA.exe -T stp 10.8 -1 -c "C:\Flexlm\license.dat" --lmgrd_start 504e3bc8 -l "log.txt"
WLIDSvcM.exe 2532
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Temp\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-08-13 5749952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-08-28 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"=C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [2010-04-09 291944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [2010-10-25 1216416]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-04-20 247728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-09-29 929680]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-09-29 3508112]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
C:\Users\steepee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SCIA.lnk - C:\Program Files (x86)\SCIA\SCIA.bat
TOTALCMD64.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-10-13 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.inf - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.inf - install - %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.scr - open - "C:\Windows\notepad.exe" "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-09-10 21:14:25 ----D---- C:\Program Files\trend micro
2012-09-10 21:14:24 ----D---- C:\rsit
2012-09-07 14:11:33 ----D---- C:\ProgramData\Scia
2012-09-04 10:55:54 ----D---- C:\ProgramData\HILTI
2012-09-04 05:43:11 ----D---- C:\ProgramData\Samsung
2012-09-04 05:42:25 ----D---- C:\ProgramData\NVIDIA
2012-09-03 10:48:14 ----D---- C:\ProgramData\ACD Systems
2012-09-03 09:41:50 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-09-03 08:44:53 ----D---- C:\ProgramData\FNP
2012-09-03 07:59:20 ----D---- C:\ProgramData\Macrovision
2012-09-03 07:09:23 ----D---- C:\Users\steepee\AppData\Roaming\f-secure
2012-09-01 10:10:48 ----SHD---- C:\$RECYCLE.BIN
2012-09-01 07:25:22 ----D---- C:\Windows\temp
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\java.exe
2012-08-30 14:27:55 ----A---- C:\Windows\system32\drivers\tmcomm.sys
2012-08-30 07:17:00 ----D---- C:\Program Files (x86)\PC Tools
2012-08-30 07:07:56 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-08-30 07:07:52 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2012-08-30 07:07:25 ----D---- C:\Users\steepee\AppData\Roaming\TestApp
2012-08-29 22:10:23 ----D---- C:\Users\steepee\AppData\Roaming\Malwarebytes
2012-08-29 20:38:51 ----D---- C:\ProgramData\ESET
2012-08-29 20:38:51 ----D---- C:\Program Files\ESET
2012-08-28 13:18:56 ----D---- C:\Users\steepee\AppData\Roaming\pdfforge
2012-08-28 13:18:50 ----A---- C:\Windows\SYSWOW64\MSMPIDE.DLL
2012-08-28 13:18:49 ----D---- C:\Program Files (x86)\PDFCreator
2012-08-15 21:11:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-15 21:11:08 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 21:11:07 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-15 21:11:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-15 21:11:07 ----A---- C:\Windows\system32\url.dll
2012-08-15 21:11:07 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 21:11:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-15 21:11:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-15 21:11:06 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 21:11:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-15 21:11:05 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-15 21:11:05 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 21:11:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-15 21:11:04 ----A---- C:\Windows\system32\jscript9.dll
2012-08-15 21:11:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-15 21:11:03 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 21:11:03 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 21:11:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-15 21:11:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 21:11:02 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 21:11:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-15 21:10:59 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 21:10:58 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 21:10:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-15 19:30:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 19:30:07 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 19:30:00 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 19:29:59 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 19:29:59 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 19:29:59 ----A---- C:\Windows\splwow64.exe
2012-08-15 19:29:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 19:29:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\browser.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 19:29:18 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 19:29:16 ----A---- C:\Windows\system32\localspl.dll
======List of files/folders modified in the last 1 month======
2012-09-10 21:14:32 ----D---- C:\Windows\Prefetch
2012-09-10 21:14:25 ----RD---- C:\Program Files
2012-09-10 21:14:03 ----D---- C:\Users\steepee\AppData\Roaming\Skype
2012-09-10 21:13:14 ----D---- C:\Windows\system32\catroot2
2012-09-10 21:13:12 ----D---- C:\Flexlm
2012-09-10 21:12:58 ----D---- C:\Windows
2012-09-10 21:12:50 ----RD---- C:\Temp
2012-09-10 13:42:37 ----D---- C:\Windows\system32\drivers
2012-09-10 11:28:06 ----D---- C:\Windows\system32\config
2012-09-09 08:31:55 ----SHD---- C:\Windows\Installer
2012-09-09 08:31:55 ----D---- C:\Config.Msi
2012-09-08 17:49:30 ----A---- C:\Windows\Metspec.ini
2012-09-07 20:44:38 ----D---- C:\Users\steepee\AppData\Roaming\Winamp
2012-09-07 14:11:33 ----D---- C:\ProgramData
2012-09-07 14:09:30 ----D---- C:\Windows\Downloaded Installations
2012-09-05 16:27:30 ----D---- C:\Users\steepee\AppData\Roaming\Media Player Classic
2012-09-05 09:39:47 ----D---- C:\Windows\System32
2012-09-05 09:39:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-05 09:39:46 ----D---- C:\Windows\inf
2012-09-04 06:57:55 ----D---- C:\KBcertifikat
2012-09-03 07:34:50 ----RD---- C:\Program Files (x86)
2012-09-02 15:07:34 ----SHD---- C:\System Volume Information
2012-09-02 08:10:39 ----D---- C:\Users\steepee\AppData\Roaming\My Games
2012-09-02 08:03:29 ----SD---- C:\Users\steepee\AppData\Roaming\Microsoft
2012-09-02 07:09:26 ----D---- C:\Windows\SoftwareDistribution
2012-09-02 06:08:41 ----D---- C:\ProgramData\Adobe
2012-09-01 07:27:49 ----A---- C:\Windows\system.ini
2012-09-01 07:27:06 ----D---- C:\Windows\system32\drivers\etc
2012-09-01 07:17:56 ----D---- C:\Windows\SYSWOW64\drivers
2012-09-01 07:17:56 ----D---- C:\Windows\SysWOW64
2012-09-01 07:17:56 ----D---- C:\Windows\AppPatch
2012-09-01 07:17:55 ----D---- C:\Program Files (x86)\Common Files
2012-09-01 05:44:47 ----D---- C:\Program Files (x86)\Java
2012-08-30 20:22:20 ----D---- C:\Windows\Tasks
2012-08-30 20:22:20 ----D---- C:\Windows\system32\Tasks
2012-08-30 09:34:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-30 09:34:05 ----A---- C:\Windows\metsec.ini
2012-08-30 09:22:52 ----DC---- C:\Windows\system32\DRVSTORE
2012-08-30 09:18:42 ----RSD---- C:\Windows\assembly
2012-08-30 09:15:34 ----D---- C:\Windows\system32\DriverStore
2012-08-30 09:15:34 ----D---- C:\Windows\system32\catroot
2012-08-30 09:15:32 ----D---- C:\Program Files\Common Files
2012-08-30 09:14:24 ----D---- C:\Program Files (x86)\Adobe
2012-08-30 07:17:18 ----D---- C:\Windows\winsxs
2012-08-29 19:11:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-29 08:23:16 ----D---- C:\ProgramData\Skype
2012-08-28 20:24:56 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-08-28 20:24:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-08-28 16:51:34 ----D---- C:\Users\steepee\AppData\Roaming\BitTorrent
2012-08-16 09:40:17 ----D---- C:\Windows\debug
2012-08-16 05:57:31 ----RSD---- C:\Windows\Fonts
2012-08-16 05:57:30 ----D---- C:\Windows\SYSWOW64\migration
2012-08-16 05:57:30 ----D---- C:\Windows\system32\migration
2012-08-16 05:57:30 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 05:57:29 ----D---- C:\Program Files\Internet Explorer
2012-08-15 21:07:39 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvrd64;NVIDIA nForce RAID Driver; C:\Windows\system32\DRIVERS\nvrd64.sys [2010-04-09 175720]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-09 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-09 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [2009-08-07 23112]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTUSB64.SYS [2011-05-27 63528]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-12-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-12-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-12-21 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; C:\TeklaStructures\License\Server\lmgrd.exe [2009-08-17 1122568]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-04-20 92592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-09 1045256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-10-09 74360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-09 1431888]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [2008-09-18 93848]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Thank you
stp
I applied the steps above. I am attaching the log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by steepee at 2012-09-10 21:14:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 240 GB (80%) free of 300 GB
Total RAM: 4096 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:32, on 10.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Flexlm\lmgrd.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Flexlm\SCIA.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\steepee.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - Startup: SCIA.lnk = C:\Program Files (x86)\SCIA\SCIA.bat
O4 - Startup: TOTALCMD64.lnk = C:\Program Files\totalcmd\TOTALCMD64.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} (Web Viewer Class) - file:///C:/Temp/KOLIN_10102011/dll/zkitlib.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Tekla Structures Licensing Service - Acresso Software Inc. - C:\TeklaStructures\License\Server\lmgrd.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10837 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\TeklaStructures\License\Server\lmgrd.exe
"C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
\??\C:\Windows\system32\conhost.exe "-180020577-1617363841-2027874229-1832011817-581973546-1749776390-7153421761108122402
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\TeklaStructures\License\Server\lmgrd.exe" -c "C:\TeklaStructures\License\Server\tekla.lic" -l "+C:\TeklaStructures\License\Server\tekla_debug.log" -z
C:\Windows\System32\svchost.exe -k secsvcs
tekla.exe -T localhost 11.7 -1 -c "C:\TeklaStructures\License\Server\tekla.lic" -lmgrd_port 6978 --lmgrd_start 504e3bc4 -l "C:\TeklaStructures\License\Server\tekla_debug.log"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
lmgrd -c C:\Flexlm\license.dat -l log.txt -z2
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
SCIA.exe -T stp 10.8 -1 -c "C:\Flexlm\license.dat" --lmgrd_start 504e3bc8 -l "log.txt"
WLIDSvcM.exe 2532
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Temp\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-08-13 5749952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-08-28 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"=C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [2010-04-09 291944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [2010-10-25 1216416]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-04-20 247728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-09-29 929680]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-09-29 3508112]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe
C:\Users\steepee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SCIA.lnk - C:\Program Files (x86)\SCIA\SCIA.bat
TOTALCMD64.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-10-13 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.inf - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.inf - install - %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.scr - open - "C:\Windows\notepad.exe" "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-09-10 21:14:25 ----D---- C:\Program Files\trend micro
2012-09-10 21:14:24 ----D---- C:\rsit
2012-09-07 14:11:33 ----D---- C:\ProgramData\Scia
2012-09-04 10:55:54 ----D---- C:\ProgramData\HILTI
2012-09-04 05:43:11 ----D---- C:\ProgramData\Samsung
2012-09-04 05:42:25 ----D---- C:\ProgramData\NVIDIA
2012-09-03 10:48:14 ----D---- C:\ProgramData\ACD Systems
2012-09-03 09:41:50 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-09-03 08:44:53 ----D---- C:\ProgramData\FNP
2012-09-03 07:59:20 ----D---- C:\ProgramData\Macrovision
2012-09-03 07:09:23 ----D---- C:\Users\steepee\AppData\Roaming\f-secure
2012-09-01 10:10:48 ----SHD---- C:\$RECYCLE.BIN
2012-09-01 07:25:22 ----D---- C:\Windows\temp
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-01 05:44:48 ----A---- C:\Windows\SYSWOW64\java.exe
2012-08-30 14:27:55 ----A---- C:\Windows\system32\drivers\tmcomm.sys
2012-08-30 07:17:00 ----D---- C:\Program Files (x86)\PC Tools
2012-08-30 07:07:56 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-08-30 07:07:52 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2012-08-30 07:07:25 ----D---- C:\Users\steepee\AppData\Roaming\TestApp
2012-08-29 22:10:23 ----D---- C:\Users\steepee\AppData\Roaming\Malwarebytes
2012-08-29 20:38:51 ----D---- C:\ProgramData\ESET
2012-08-29 20:38:51 ----D---- C:\Program Files\ESET
2012-08-28 13:18:56 ----D---- C:\Users\steepee\AppData\Roaming\pdfforge
2012-08-28 13:18:50 ----A---- C:\Windows\SYSWOW64\MSMPIDE.DLL
2012-08-28 13:18:49 ----D---- C:\Program Files (x86)\PDFCreator
2012-08-15 21:11:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-15 21:11:08 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 21:11:07 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-15 21:11:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-15 21:11:07 ----A---- C:\Windows\system32\url.dll
2012-08-15 21:11:07 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 21:11:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-15 21:11:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-15 21:11:06 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 21:11:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-15 21:11:05 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-15 21:11:05 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 21:11:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-15 21:11:04 ----A---- C:\Windows\system32\jscript9.dll
2012-08-15 21:11:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-15 21:11:03 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 21:11:03 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 21:11:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-15 21:11:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 21:11:02 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 21:11:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-15 21:10:59 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 21:10:58 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 21:10:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-15 19:30:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 19:30:07 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 19:30:00 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 19:29:59 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 19:29:59 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 19:29:59 ----A---- C:\Windows\splwow64.exe
2012-08-15 19:29:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 19:29:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\browser.dll
2012-08-15 19:29:20 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 19:29:18 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 19:29:16 ----A---- C:\Windows\system32\localspl.dll
======List of files/folders modified in the last 1 month======
2012-09-10 21:14:32 ----D---- C:\Windows\Prefetch
2012-09-10 21:14:25 ----RD---- C:\Program Files
2012-09-10 21:14:03 ----D---- C:\Users\steepee\AppData\Roaming\Skype
2012-09-10 21:13:14 ----D---- C:\Windows\system32\catroot2
2012-09-10 21:13:12 ----D---- C:\Flexlm
2012-09-10 21:12:58 ----D---- C:\Windows
2012-09-10 21:12:50 ----RD---- C:\Temp
2012-09-10 13:42:37 ----D---- C:\Windows\system32\drivers
2012-09-10 11:28:06 ----D---- C:\Windows\system32\config
2012-09-09 08:31:55 ----SHD---- C:\Windows\Installer
2012-09-09 08:31:55 ----D---- C:\Config.Msi
2012-09-08 17:49:30 ----A---- C:\Windows\Metspec.ini
2012-09-07 20:44:38 ----D---- C:\Users\steepee\AppData\Roaming\Winamp
2012-09-07 14:11:33 ----D---- C:\ProgramData
2012-09-07 14:09:30 ----D---- C:\Windows\Downloaded Installations
2012-09-05 16:27:30 ----D---- C:\Users\steepee\AppData\Roaming\Media Player Classic
2012-09-05 09:39:47 ----D---- C:\Windows\System32
2012-09-05 09:39:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-05 09:39:46 ----D---- C:\Windows\inf
2012-09-04 06:57:55 ----D---- C:\KBcertifikat
2012-09-03 07:34:50 ----RD---- C:\Program Files (x86)
2012-09-02 15:07:34 ----SHD---- C:\System Volume Information
2012-09-02 08:10:39 ----D---- C:\Users\steepee\AppData\Roaming\My Games
2012-09-02 08:03:29 ----SD---- C:\Users\steepee\AppData\Roaming\Microsoft
2012-09-02 07:09:26 ----D---- C:\Windows\SoftwareDistribution
2012-09-02 06:08:41 ----D---- C:\ProgramData\Adobe
2012-09-01 07:27:49 ----A---- C:\Windows\system.ini
2012-09-01 07:27:06 ----D---- C:\Windows\system32\drivers\etc
2012-09-01 07:17:56 ----D---- C:\Windows\SYSWOW64\drivers
2012-09-01 07:17:56 ----D---- C:\Windows\SysWOW64
2012-09-01 07:17:56 ----D---- C:\Windows\AppPatch
2012-09-01 07:17:55 ----D---- C:\Program Files (x86)\Common Files
2012-09-01 05:44:47 ----D---- C:\Program Files (x86)\Java
2012-08-30 20:22:20 ----D---- C:\Windows\Tasks
2012-08-30 20:22:20 ----D---- C:\Windows\system32\Tasks
2012-08-30 09:34:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-30 09:34:05 ----A---- C:\Windows\metsec.ini
2012-08-30 09:22:52 ----DC---- C:\Windows\system32\DRVSTORE
2012-08-30 09:18:42 ----RSD---- C:\Windows\assembly
2012-08-30 09:15:34 ----D---- C:\Windows\system32\DriverStore
2012-08-30 09:15:34 ----D---- C:\Windows\system32\catroot
2012-08-30 09:15:32 ----D---- C:\Program Files\Common Files
2012-08-30 09:14:24 ----D---- C:\Program Files (x86)\Adobe
2012-08-30 07:17:18 ----D---- C:\Windows\winsxs
2012-08-29 19:11:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-29 08:23:16 ----D---- C:\ProgramData\Skype
2012-08-28 20:24:56 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-08-28 20:24:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-08-28 16:51:34 ----D---- C:\Users\steepee\AppData\Roaming\BitTorrent
2012-08-16 09:40:17 ----D---- C:\Windows\debug
2012-08-16 05:57:31 ----RSD---- C:\Windows\Fonts
2012-08-16 05:57:30 ----D---- C:\Windows\SYSWOW64\migration
2012-08-16 05:57:30 ----D---- C:\Windows\system32\migration
2012-08-16 05:57:30 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 05:57:29 ----D---- C:\Program Files\Internet Explorer
2012-08-15 21:07:39 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvrd64;NVIDIA nForce RAID Driver; C:\Windows\system32\DRIVERS\nvrd64.sys [2010-04-09 175720]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-09 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-09 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [2009-08-07 23112]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTUSB64.SYS [2011-05-27 63528]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-12-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-12-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-12-21 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; C:\TeklaStructures\License\Server\lmgrd.exe [2009-08-17 1122568]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-04-20 92592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-09 1045256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-10-09 74360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-09 1431888]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [2008-09-18 93848]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Thank you
stp
Re: Ponmocup.AA trojan horse
The log is fine.
If there are no problems, that is all.

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer.
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.