
Combofix - PC hangs

romandude
Visitor
Posts: 6
Registered: 25 Jul 2007 14:05

Combofix - PC hangs

#1 Post by romandude »

Hello,

my PC was infected with viruses; I have already gone over it with antivirus programs and various utilities, and it seems to be in better shape than it was.
However, the following problem persists. After Combofix is started, the PC hangs - it does not freeze completely, but in the sense that the disk stops responding. The mouse cursor works, but that is about all... only a hard restart helps.

I am sending the RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by jaja at 2012-11-09 18:07:27
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 121 GB (40%) free of 305 GB
Total RAM: 2038 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:07:30, on 9.11.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19328)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\taskmgr.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jaja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Users\jaja\Downloads\RSIT.exe
C:\Program Files\trend micro\jaja.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb174?a=6PQHOf4UtG&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\jaja\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 7154 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-242081688-3743924025-3572715692-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-242081688-3743924025-3572715692-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{090F3CD4-12E4-4F3E-AEFF-E437010052E1}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, toolbar@ask.com:3.12.2.100007, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... e=en_EU&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default\extensions\
ffxtlbr@incredibar.com
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default\searchplugins\
askcom.xml
MyStart Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-25 141848]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe [2007-04-08 303104]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\jaja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\jaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-04-18 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-09 18:07:28 ----D---- C:\Program Files\trend micro
2012-11-09 18:07:27 ----D---- C:\rsit
2012-11-09 17:56:55 ----SHD---- C:\$RECYCLE.BIN
2012-11-09 17:52:45 ----A---- C:\Windows\zip.exe
2012-11-09 17:52:45 ----A---- C:\Windows\SWSC.exe
2012-11-09 17:52:45 ----A---- C:\Windows\SWREG.exe
2012-11-09 17:52:45 ----A---- C:\Windows\sed.exe
2012-11-09 17:52:45 ----A---- C:\Windows\PEV.exe
2012-11-09 17:52:45 ----A---- C:\Windows\MBR.exe
2012-11-09 17:52:45 ----A---- C:\Windows\grep.exe
2012-11-09 17:52:42 ----SD---- C:\ComboFix
2012-11-09 17:52:39 ----D---- C:\Qoobox
2012-11-08 20:25:08 ----D---- C:\Users\jaja\AppData\Roaming\Malwarebytes
2012-11-08 20:24:58 ----D---- C:\ProgramData\Malwarebytes
2012-11-08 20:15:06 ----A---- C:\Windows\NIRCMD.exe
2012-11-08 20:14:37 ----SD---- C:\32788R22FWJFW
2012-11-08 18:01:58 ----D---- C:\Program Files\Sophos
2012-11-08 17:50:54 ----A---- C:\Windows\ntbtlog.txt
2012-11-07 20:23:08 ----D---- C:\Windows\erdnt
2012-11-07 19:59:37 ----A---- C:\Windows\system32\msvcr80.dll
2012-11-07 19:59:36 ----A---- C:\Windows\system32\msvcp80.dll
2012-11-07 19:59:35 ----A---- C:\Windows\system32\msvcp90.dll
2012-11-07 19:59:34 ----A---- C:\Windows\system32\msvcr90.dll
2012-11-07 19:59:33 ----A---- C:\Windows\system32\eEmpty.exe
2012-11-07 19:59:29 ----D---- C:\Program Files\Common Files\MicroWorld
2012-11-07 19:59:19 ----D---- C:\ProgramData\MicroWorld
2012-11-07 18:57:20 ----A---- C:\Windows\system32\CSVer.dll
2012-11-07 18:57:19 ----D---- C:\Program Files\Intel
2012-11-07 18:48:02 ----D---- C:\Program Files\Common Files\Adobe
2012-11-07 18:46:45 ----D---- C:\ProgramData\Adobe
2012-11-07 18:44:18 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-11-07 18:44:18 ----A---- C:\Windows\system32\javaw.exe
2012-11-07 18:44:18 ----A---- C:\Windows\system32\java.exe
2012-11-07 18:11:07 ----A---- C:\Windows\system32\crypt32.dll
2012-11-07 18:11:06 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-07 18:11:05 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-07 18:10:58 ----A---- C:\Windows\system32\wintrust.dll
2012-11-07 18:10:50 ----A---- C:\Windows\system32\tzres.dll
2012-11-07 18:10:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-07 18:10:44 ----A---- C:\Windows\system32\ntkrnlpa.exe

======List of files/folders modified in the last 1 month======

2012-11-09 18:07:28 ----RD---- C:\Program Files
2012-11-09 18:07:25 ----D---- C:\Windows\Temp
2012-11-09 18:03:05 ----D---- C:\Windows\System32
2012-11-09 18:03:05 ----D---- C:\Windows\inf
2012-11-09 18:03:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-09 17:58:56 ----SHD---- C:\System Volume Information
2012-11-09 17:54:35 ----D---- C:\Windows
2012-11-09 17:52:40 ----D---- C:\Windows\system32\drivers
2012-11-09 17:47:18 ----D---- C:\install
2012-11-09 17:37:46 ----SHD---- C:\Windows\Installer
2012-11-09 17:37:46 ----HD---- C:\Config.Msi
2012-11-09 17:35:21 ----D---- C:\Windows\system32\catroot2
2012-11-08 20:24:58 ----HD---- C:\ProgramData
2012-11-08 18:38:04 ----D---- C:\Windows\Minidump
2012-11-08 17:18:39 ----D---- C:\Program Files\Common Files\Motive
2012-11-08 16:37:43 ----D---- C:\Windows\system32\Tasks
2012-11-07 20:41:30 ----D---- C:\Windows\SoftwareDistribution
2012-11-07 19:59:29 ----D---- C:\Program Files\Common Files
2012-11-07 19:59:23 ----N---- C:\Windows\win.ini
2012-11-07 19:49:58 ----D---- C:\Users\jaja\AppData\Roaming\Media Player Classic
2012-11-07 19:48:30 ----D---- C:\Windows\Panther
2012-11-07 19:48:29 ----D---- C:\Windows\Logs
2012-11-07 19:48:29 ----D---- C:\Windows\Debug
2012-11-07 19:45:14 ----AD---- C:\ProgramData\TEMP
2012-11-07 19:00:51 ----D---- C:\Windows\system32\catroot
2012-11-07 18:54:53 ----D---- C:\Windows\rescache
2012-11-07 18:51:47 ----SD---- C:\Users\jaja\AppData\Roaming\Microsoft
2012-11-07 18:51:47 ----D---- C:\Users\jaja\AppData\Roaming\Adobe
2012-11-07 18:48:02 ----D---- C:\Program Files\Adobe
2012-11-07 18:44:18 ----D---- C:\Program Files\Java
2012-11-07 18:44:11 ----D---- C:\Windows\winsxs
2012-11-07 18:30:32 ----D---- C:\Windows\system32\cs-CZ
2012-11-07 18:30:26 ----D---- C:\ProgramData\Norton
2012-11-07 18:22:00 ----D---- C:\ProgramData\Microsoft Help
2012-11-07 18:19:54 ----A---- C:\Windows\system32\mrt.exe
2012-11-07 18:10:38 ----SD---- C:\ProgramData\Microsoft
2012-11-07 18:07:19 ----D---- C:\Program Files\Common Files\PC Tools
2012-11-07 18:05:29 ----D---- C:\Windows\Tasks
2012-11-07 18:05:29 ----D---- C:\ProgramData\Symantec
2012-11-07 17:57:01 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-04-18 2354176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S1 MpKsld2d0cb7a;MpKsld2d0cb7a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98F15D8E-AEC7-4832-AA24-707623E7F628}\MpKsld2d0cb7a.sys []
S3 catchme;catchme; \??\C:\Users\jaja\AppData\Local\Temp\catchme.sys [2012-11-09 31744]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-03-20 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-22 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119520
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Combofix - PC hangs

#2 Post by Rudy »

Hello!
Combofix is a utility intended only for experts. So we will deal with it once it becomes necessary to use it. I do not recommend that laypeople run it at all, unless they want to wreck their system.

First we will clean unnecessary items out of the system.

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-242081688-3743924025-3572715692-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-242081688-3743924025-3572715692-1000UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before removing viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus may damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

romandude
Visitor
Posts: 6
Registered: 25 Jul 2007 14:05

Re: Combofix - PC hangs

#3 Post by romandude »

Logfile of random's system information tool 1.09 (written by random/random)
Run by jaja at 2012-11-09 19:00:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 118 GB (39%) free of 305 GB
Total RAM: 2038 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:41, on 9.11.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19328)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Users\jaja\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Motive\McciControlHost.exe
C:\Users\jaja\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\trend micro\jaja.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb174?a=6PQHOf4UtG&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\jaja\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 6740 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{090F3CD4-12E4-4F3E-AEFF-E437010052E1}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, toolbar@ask.com:3.12.2.100007, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... e=en_EU&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default\extensions\
ffxtlbr@incredibar.com
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\jaja\AppData\Roaming\Mozilla\Firefox\Profiles\3hw7tc7a.default\searchplugins\
askcom.xml
MyStart Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-25 141848]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe [2007-04-08 303104]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\jaja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\jaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-04-18 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-09 18:59:00 ----D---- C:\_OTM
2012-11-09 18:43:29 ----D---- C:\Users\jaja\AppData\Roaming\HD Tune Pro
2012-11-09 18:43:26 ----D---- C:\Program Files\HD Tune Pro
2012-11-09 18:07:28 ----D---- C:\Program Files\trend micro
2012-11-09 18:07:27 ----D---- C:\rsit
2012-11-09 17:56:55 ----SHD---- C:\$RECYCLE.BIN
2012-11-09 17:52:45 ----A---- C:\Windows\zip.exe
2012-11-09 17:52:45 ----A---- C:\Windows\SWSC.exe
2012-11-09 17:52:45 ----A---- C:\Windows\SWREG.exe
2012-11-09 17:52:45 ----A---- C:\Windows\sed.exe
2012-11-09 17:52:45 ----A---- C:\Windows\PEV.exe
2012-11-09 17:52:45 ----A---- C:\Windows\MBR.exe
2012-11-09 17:52:45 ----A---- C:\Windows\grep.exe
2012-11-09 17:52:42 ----SD---- C:\ComboFix
2012-11-09 17:52:39 ----D---- C:\Qoobox
2012-11-08 20:25:08 ----D---- C:\Users\jaja\AppData\Roaming\Malwarebytes
2012-11-08 20:24:58 ----D---- C:\ProgramData\Malwarebytes
2012-11-08 20:15:06 ----A---- C:\Windows\NIRCMD.exe
2012-11-08 20:14:37 ----SD---- C:\32788R22FWJFW
2012-11-08 18:01:58 ----D---- C:\Program Files\Sophos
2012-11-08 17:50:54 ----A---- C:\Windows\ntbtlog.txt
2012-11-07 20:23:08 ----D---- C:\Windows\erdnt
2012-11-07 19:59:37 ----A---- C:\Windows\system32\msvcr80.dll
2012-11-07 19:59:36 ----A---- C:\Windows\system32\msvcp80.dll
2012-11-07 19:59:35 ----A---- C:\Windows\system32\msvcp90.dll
2012-11-07 19:59:34 ----A---- C:\Windows\system32\msvcr90.dll
2012-11-07 19:59:33 ----A---- C:\Windows\system32\eEmpty.exe
2012-11-07 19:59:29 ----D---- C:\Program Files\Common Files\MicroWorld
2012-11-07 19:59:19 ----D---- C:\ProgramData\MicroWorld
2012-11-07 18:57:20 ----A---- C:\Windows\system32\CSVer.dll
2012-11-07 18:57:19 ----D---- C:\Program Files\Intel
2012-11-07 18:48:02 ----D---- C:\Program Files\Common Files\Adobe
2012-11-07 18:46:45 ----D---- C:\ProgramData\Adobe
2012-11-07 18:44:18 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-11-07 18:44:18 ----A---- C:\Windows\system32\javaw.exe
2012-11-07 18:44:18 ----A---- C:\Windows\system32\java.exe
2012-11-07 18:11:07 ----A---- C:\Windows\system32\crypt32.dll
2012-11-07 18:11:06 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-07 18:11:05 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-07 18:10:58 ----A---- C:\Windows\system32\wintrust.dll
2012-11-07 18:10:50 ----A---- C:\Windows\system32\tzres.dll
2012-11-07 18:10:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-07 18:10:44 ----A---- C:\Windows\system32\ntkrnlpa.exe

======List of files/folders modified in the last 1 month======

2012-11-09 19:01:29 ----D---- C:\Windows\Temp
2012-11-09 18:59:01 ----D---- C:\Windows\Tasks
2012-11-09 18:43:26 ----RD---- C:\Program Files
2012-11-09 18:30:10 ----D---- C:\Windows\System32
2012-11-09 18:30:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-09 18:30:09 ----D---- C:\Windows\inf
2012-11-09 17:58:56 ----SHD---- C:\System Volume Information
2012-11-09 17:54:35 ----D---- C:\Windows
2012-11-09 17:52:40 ----D---- C:\Windows\system32\drivers
2012-11-09 17:47:18 ----D---- C:\install
2012-11-09 17:37:46 ----SHD---- C:\Windows\Installer
2012-11-09 17:37:46 ----HD---- C:\Config.Msi
2012-11-09 17:35:21 ----D---- C:\Windows\system32\catroot2
2012-11-08 20:24:58 ----HD---- C:\ProgramData
2012-11-08 18:38:04 ----D---- C:\Windows\Minidump
2012-11-08 17:18:39 ----D---- C:\Program Files\Common Files\Motive
2012-11-08 16:37:43 ----D---- C:\Windows\system32\Tasks
2012-11-07 20:41:30 ----D---- C:\Windows\SoftwareDistribution
2012-11-07 19:59:29 ----D---- C:\Program Files\Common Files
2012-11-07 19:59:23 ----N---- C:\Windows\win.ini
2012-11-07 19:49:58 ----D---- C:\Users\jaja\AppData\Roaming\Media Player Classic
2012-11-07 19:48:30 ----D---- C:\Windows\Panther
2012-11-07 19:48:29 ----D---- C:\Windows\Logs
2012-11-07 19:48:29 ----D---- C:\Windows\Debug
2012-11-07 19:45:14 ----AD---- C:\ProgramData\TEMP
2012-11-07 19:00:51 ----D---- C:\Windows\system32\catroot
2012-11-07 18:54:53 ----D---- C:\Windows\rescache
2012-11-07 18:51:47 ----SD---- C:\Users\jaja\AppData\Roaming\Microsoft
2012-11-07 18:51:47 ----D---- C:\Users\jaja\AppData\Roaming\Adobe
2012-11-07 18:48:02 ----D---- C:\Program Files\Adobe
2012-11-07 18:44:18 ----D---- C:\Program Files\Java
2012-11-07 18:44:11 ----D---- C:\Windows\winsxs
2012-11-07 18:30:32 ----D---- C:\Windows\system32\cs-CZ
2012-11-07 18:30:26 ----D---- C:\ProgramData\Norton
2012-11-07 18:22:00 ----D---- C:\ProgramData\Microsoft Help
2012-11-07 18:19:54 ----A---- C:\Windows\system32\mrt.exe
2012-11-07 18:10:38 ----SD---- C:\ProgramData\Microsoft
2012-11-07 18:07:19 ----D---- C:\Program Files\Common Files\PC Tools
2012-11-07 18:05:29 ----D---- C:\ProgramData\Symantec
2012-11-07 17:57:01 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-04-18 2354176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S1 MpKsld2d0cb7a;MpKsld2d0cb7a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98F15D8E-AEC7-4832-AA24-707623E7F628}\MpKsld2d0cb7a.sys []
S3 catchme;catchme; \??\C:\Users\jaja\AppData\Local\Temp\catchme.sys [2012-11-09 31744]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-03-20 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-22 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119520
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Combofix - PC freezes

#4 Post by Rudy »

Double-click the file C:\Program Files\trend micro\jaja.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkbox on the left next to:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb174?a=6PQHOf4UtG&i=26
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

romandude
Visitor
Posts: 6
Registered: 25 Jul 2007 14:05

Re: Combofix - PC freezes

#5 Post by romandude »

Done... so everything should be OK?

Rudy
Site Admin
Posts: 119520
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Combofix - PC freezes

#6 Post by Rudy »

No malware is visible in the log. Do you have any other problem?

romandude
Visitor
Posts: 6
Registered: 25 Jul 2007 14:05

Re: Combofix - PC freezes

#7 Post by romandude »

I don't have any visible problems so far.
But I suspect some kind of rootkit... mbr.exe also freezes the PC. So I don't know... but hopefully it's OK :)

Rudy
Site Admin
Posts: 119520
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Combofix - PC freezes

#8 Post by Rudy »

Try this scan as well: http://support.kaspersky.com/downloads/ ... killer.zip . Unpack the downloaded file and run it. Let it work and, when it finishes, post the log here.

romandude
Visitor
Posts: 6
Registered: 25 Jul 2007 14:05

Re: Combofix - PC freezes

#9 Post by romandude »

Looks like nothing there either...

20:16:59.0016 3852 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:16:59.0226 3852 ============================================================
20:16:59.0226 3852 Current date / time: 2012/11/09 20:16:59.0226
20:16:59.0226 3852 SystemInfo:
20:16:59.0226 3852
20:16:59.0226 3852 OS Version: 6.0.6002 ServicePack: 2.0
20:16:59.0226 3852 Product type: Workstation
20:16:59.0226 3852 ComputerName: JAJA-PC
20:16:59.0227 3852 UserName: jaja
20:16:59.0227 3852 Windows directory: C:\Windows
20:16:59.0227 3852 System windows directory: C:\Windows
20:16:59.0227 3852 Processor architecture: Intel x86
20:16:59.0227 3852 Number of processors: 2
20:16:59.0227 3852 Page size: 0x1000
20:16:59.0227 3852 Boot type: Normal boot
20:16:59.0227 3852 ============================================================
20:17:00.0011 3852 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:17:00.0027 3852 ============================================================
20:17:00.0027 3852 \Device\Harddisk0\DR0:
20:17:00.0027 3852 MBR partitions:
20:17:00.0027 3852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542E2B0
20:17:00.0027 3852 ============================================================
20:17:00.0052 3852 C: <-> \Device\Harddisk0\DR0\Partition1
20:17:00.0052 3852 ============================================================
20:17:00.0052 3852 Initialize success
20:17:00.0052 3852 ============================================================
20:17:05.0888 3108 ============================================================
20:17:05.0888 3108 Scan started
20:17:05.0888 3108 Mode: Manual;
20:17:05.0888 3108 ============================================================
20:17:06.0117 3108 ================ Scan system memory ========================
20:17:06.0117 3108 System memory - ok
20:17:06.0118 3108 ================ Scan services =============================
20:17:06.0240 3108 [ EBD7BD25C1D33B10D2251194C300EE85 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
20:17:06.0241 3108 602XML Updater - ok
20:17:06.0360 3108 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:17:06.0363 3108 ACPI - ok
20:17:06.0513 3108 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:17:06.0514 3108 AdobeARMservice - ok
20:17:06.0592 3108 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:17:06.0597 3108 adp94xx - ok
20:17:06.0627 3108 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:17:06.0630 3108 adpahci - ok
20:17:06.0672 3108 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:17:06.0673 3108 adpu160m - ok
20:17:06.0714 3108 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:17:06.0716 3108 adpu320 - ok
20:17:06.0755 3108 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:17:06.0756 3108 AeLookupSvc - ok
20:17:06.0799 3108 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
20:17:06.0802 3108 AFD - ok
20:17:06.0835 3108 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:17:06.0836 3108 agp440 - ok
20:17:06.0869 3108 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:17:06.0870 3108 aic78xx - ok
20:17:06.0897 3108 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
20:17:06.0898 3108 ALG - ok
20:17:06.0917 3108 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
20:17:06.0918 3108 aliide - ok
20:17:06.0942 3108 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:17:06.0943 3108 amdagp - ok
20:17:06.0959 3108 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
20:17:06.0959 3108 amdide - ok
20:17:06.0980 3108 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:17:06.0980 3108 AmdK7 - ok
20:17:06.0995 3108 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:17:06.0996 3108 AmdK8 - ok
20:17:07.0031 3108 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
20:17:07.0032 3108 Appinfo - ok
20:17:07.0073 3108 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
20:17:07.0074 3108 arc - ok
20:17:07.0110 3108 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:17:07.0111 3108 arcsas - ok
20:17:07.0137 3108 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:17:07.0138 3108 AsyncMac - ok
20:17:07.0156 3108 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
20:17:07.0156 3108 atapi - ok
20:17:07.0185 3108 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:17:07.0187 3108 AudioEndpointBuilder - ok
20:17:07.0195 3108 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:17:07.0197 3108 Audiosrv - ok
20:17:07.0227 3108 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
20:17:07.0228 3108 Beep - ok
20:17:07.0258 3108 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
20:17:07.0260 3108 BFE - ok
20:17:07.0304 3108 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
20:17:07.0310 3108 BITS - ok
20:17:07.0331 3108 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:17:07.0332 3108 blbdrive - ok
20:17:07.0365 3108 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:17:07.0365 3108 bowser - ok
20:17:07.0388 3108 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:17:07.0389 3108 BrFiltLo - ok
20:17:07.0407 3108 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:17:07.0408 3108 BrFiltUp - ok
20:17:07.0437 3108 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
20:17:07.0438 3108 Browser - ok
20:17:07.0477 3108 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:17:07.0478 3108 Brserid - ok
20:17:07.0495 3108 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:17:07.0495 3108 BrSerWdm - ok
20:17:07.0519 3108 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:17:07.0519 3108 BrUsbMdm - ok
20:17:07.0549 3108 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:17:07.0549 3108 BrUsbSer - ok
20:17:07.0569 3108 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:17:07.0569 3108 BTHMODEM - ok
20:17:07.0596 3108 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:17:07.0597 3108 cdfs - ok
20:17:07.0624 3108 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:17:07.0625 3108 cdrom - ok
20:17:07.0649 3108 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
20:17:07.0650 3108 CertPropSvc - ok
20:17:07.0675 3108 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
20:17:07.0676 3108 circlass - ok
20:17:07.0710 3108 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
20:17:07.0712 3108 CLFS - ok
20:17:07.0783 3108 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:17:07.0784 3108 clr_optimization_v2.0.50727_32 - ok
20:17:07.0844 3108 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:17:07.0846 3108 clr_optimization_v4.0.30319_32 - ok
20:17:07.0863 3108 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:17:07.0864 3108 cmdide - ok
20:17:07.0881 3108 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:17:07.0882 3108 Compbatt - ok
20:17:07.0890 3108 COMSysApp - ok
20:17:07.0900 3108 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:17:07.0901 3108 crcdisk - ok
20:17:07.0930 3108 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
20:17:07.0930 3108 Crusoe - ok
20:17:07.0962 3108 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:17:07.0964 3108 CryptSvc - ok
20:17:07.0993 3108 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:17:08.0002 3108 DcomLaunch - ok
20:17:08.0028 3108 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:17:08.0029 3108 DfsC - ok
20:17:08.0104 3108 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
20:17:08.0125 3108 DFSR - ok
20:17:08.0175 3108 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:17:08.0179 3108 Dhcp - ok
20:17:08.0209 3108 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
20:17:08.0210 3108 disk - ok
20:17:08.0237 3108 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:17:08.0239 3108 Dnscache - ok
20:17:08.0257 3108 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:17:08.0260 3108 dot3svc - ok
20:17:08.0301 3108 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:17:08.0303 3108 Dot4 - ok
20:17:08.0327 3108 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:17:08.0327 3108 Dot4Print - ok
20:17:08.0361 3108 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:17:08.0361 3108 dot4usb - ok
20:17:08.0386 3108 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
20:17:08.0388 3108 DPS - ok
20:17:08.0423 3108 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:17:08.0423 3108 drmkaud - ok
20:17:08.0459 3108 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:17:08.0466 3108 DXGKrnl - ok
20:17:08.0499 3108 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:17:08.0500 3108 E1G60 - ok
20:17:08.0528 3108 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
20:17:08.0530 3108 EapHost - ok
20:17:08.0554 3108 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
20:17:08.0556 3108 Ecache - ok
20:17:08.0610 3108 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:17:08.0613 3108 ehRecvr - ok
20:17:08.0632 3108 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
20:17:08.0634 3108 ehSched - ok
20:17:08.0647 3108 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
20:17:08.0648 3108 ehstart - ok
20:17:08.0690 3108 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:17:08.0694 3108 elxstor - ok
20:17:08.0743 3108 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:17:08.0750 3108 EMDMgmt - ok
20:17:08.0769 3108 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:17:08.0770 3108 ErrDev - ok
20:17:08.0811 3108 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
20:17:08.0815 3108 EventSystem - ok
20:17:08.0859 3108 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
20:17:08.0860 3108 exfat - ok
20:17:08.0897 3108 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:17:08.0899 3108 fastfat - ok
20:17:08.0923 3108 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:17:08.0924 3108 fdc - ok
20:17:08.0950 3108 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
20:17:08.0952 3108 fdPHost - ok
20:17:08.0975 3108 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
20:17:08.0977 3108 FDResPub - ok
20:17:08.0992 3108 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:17:08.0993 3108 FileInfo - ok
20:17:09.0017 3108 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:17:09.0018 3108 Filetrace - ok
20:17:09.0053 3108 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:17:09.0053 3108 flpydisk - ok
20:17:09.0081 3108 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:17:09.0084 3108 FltMgr - ok
20:17:09.0150 3108 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
20:17:09.0159 3108 FontCache - ok
20:17:09.0213 3108 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:17:09.0214 3108 FontCache3.0.0.0 - ok
20:17:09.0239 3108 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:17:09.0240 3108 Fs_Rec - ok
20:17:09.0264 3108 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:17:09.0265 3108 gagp30kx - ok
20:17:09.0309 3108 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
20:17:09.0316 3108 gpsvc - ok
20:17:09.0349 3108 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:17:09.0351 3108 HdAudAddService - ok
20:17:09.0397 3108 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:17:09.0403 3108 HDAudBus - ok
20:17:09.0425 3108 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:17:09.0426 3108 HidBth - ok
20:17:09.0445 3108 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:17:09.0446 3108 HidIr - ok
20:17:09.0468 3108 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
20:17:09.0469 3108 hidserv - ok
20:17:09.0498 3108 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:17:09.0499 3108 HidUsb - ok
20:17:09.0530 3108 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:17:09.0533 3108 hkmsvc - ok
20:17:09.0553 3108 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:17:09.0555 3108 HpCISSs - ok
20:17:09.0621 3108 [ 38D6B51F04DEF7FB248FA56E4C47407E ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:17:09.0624 3108 hpqcxs08 - ok
20:17:09.0645 3108 [ 3EE4A63539EC04EE2D4BD293985087AB ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:17:09.0647 3108 hpqddsvc - ok
20:17:09.0680 3108 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:17:09.0684 3108 HTTP - ok
20:17:09.0709 3108 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:17:09.0710 3108 i2omp - ok
20:17:09.0745 3108 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:17:09.0746 3108 i8042prt - ok
20:17:09.0785 3108 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:17:09.0788 3108 iaStorV - ok
20:17:09.0849 3108 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:17:09.0858 3108 idsvc - ok
20:17:09.0943 3108 [ 63C56DAC467EF814B60FF2AA2286C917 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
20:17:09.0966 3108 igfx - ok
20:17:09.0998 3108 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:17:09.0999 3108 iirsp - ok
20:17:10.0044 3108 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
20:17:10.0050 3108 IKEEXT - ok
20:17:10.0112 3108 [ C61B3B87F3856CEF0C9F204028C6860D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:17:10.0128 3108 IntcAzAudAddService - ok
20:17:10.0140 3108 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
20:17:10.0141 3108 intelide - ok
20:17:10.0157 3108 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:17:10.0158 3108 intelppm - ok
20:17:10.0183 3108 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:17:10.0186 3108 IPBusEnum - ok
20:17:10.0209 3108 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:17:10.0210 3108 IpFilterDriver - ok
20:17:10.0245 3108 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:17:10.0248 3108 iphlpsvc - ok
20:17:10.0253 3108 IpInIp - ok
20:17:10.0277 3108 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:17:10.0278 3108 IPMIDRV - ok
20:17:10.0295 3108 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:17:10.0296 3108 IPNAT - ok
20:17:10.0304 3108 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:17:10.0305 3108 IRENUM - ok
20:17:10.0322 3108 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:17:10.0323 3108 isapnp - ok
20:17:10.0359 3108 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:17:10.0361 3108 iScsiPrt - ok
20:17:10.0385 3108 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:17:10.0386 3108 iteatapi - ok
20:17:10.0407 3108 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:17:10.0407 3108 iteraid - ok
20:17:10.0414 3108 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:17:10.0415 3108 kbdclass - ok
20:17:10.0434 3108 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:17:10.0434 3108 kbdhid - ok
20:17:10.0458 3108 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
20:17:10.0459 3108 KeyIso - ok
20:17:10.0492 3108 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:17:10.0494 3108 KSecDD - ok
20:17:10.0519 3108 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:17:10.0523 3108 KtmRm - ok
20:17:10.0541 3108 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
20:17:10.0545 3108 LanmanServer - ok
20:17:10.0574 3108 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:17:10.0578 3108 LanmanWorkstation - ok
20:17:10.0596 3108 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:17:10.0596 3108 lltdio - ok
20:17:10.0621 3108 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:17:10.0624 3108 lltdsvc - ok
20:17:10.0651 3108 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:17:10.0653 3108 lmhosts - ok
20:17:10.0681 3108 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:17:10.0682 3108 LSI_FC - ok
20:17:10.0700 3108 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:17:10.0701 3108 LSI_SAS - ok
20:17:10.0722 3108 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:17:10.0723 3108 LSI_SCSI - ok
20:17:10.0749 3108 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
20:17:10.0750 3108 luafv - ok
20:17:10.0783 3108 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
20:17:10.0786 3108 McciCMService - ok
20:17:10.0818 3108 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:17:10.0821 3108 Mcx2Svc - ok
20:17:10.0839 3108 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
20:17:10.0839 3108 megasas - ok
20:17:10.0870 3108 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
20:17:10.0874 3108 MegaSR - ok
20:17:10.0963 3108 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:17:10.0964 3108 Microsoft Office Groove Audit Service - ok
20:17:10.0991 3108 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
20:17:10.0994 3108 MMCSS - ok
20:17:11.0015 3108 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
20:17:11.0016 3108 Modem - ok
20:17:11.0046 3108 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:17:11.0047 3108 monitor - ok
20:17:11.0058 3108 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:17:11.0059 3108 mouclass - ok
20:17:11.0080 3108 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:17:11.0081 3108 mouhid - ok
20:17:11.0088 3108 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:17:11.0089 3108 MountMgr - ok
20:17:11.0128 3108 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:17:11.0130 3108 MozillaMaintenance - ok
20:17:11.0163 3108 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
20:17:11.0164 3108 mpio - ok
20:17:11.0245 3108 MpKsld2d0cb7a - ok
20:17:11.0261 3108 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:17:11.0262 3108 mpsdrv - ok
20:17:11.0296 3108 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
20:17:11.0301 3108 MpsSvc - ok
20:17:11.0326 3108 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:17:11.0327 3108 Mraid35x - ok
20:17:11.0370 3108 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
20:17:11.0371 3108 MREMP50 - ok
20:17:11.0411 3108 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
20:17:11.0412 3108 MRESP50 - ok
20:17:11.0449 3108 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:17:11.0451 3108 MRxDAV - ok
20:17:11.0475 3108 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:17:11.0476 3108 mrxsmb - ok
20:17:11.0499 3108 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:17:11.0501 3108 mrxsmb10 - ok
20:17:11.0519 3108 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:17:11.0520 3108 mrxsmb20 - ok
20:17:11.0540 3108 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
20:17:11.0541 3108 msahci - ok
20:17:11.0563 3108 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:17:11.0565 3108 msdsm - ok
20:17:11.0594 3108 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
20:17:11.0598 3108 MSDTC - ok
20:17:11.0629 3108 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:17:11.0630 3108 Msfs - ok
20:17:11.0657 3108 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:17:11.0658 3108 msisadrv - ok
20:17:11.0682 3108 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:17:11.0685 3108 MSiSCSI - ok
20:17:11.0691 3108 msiserver - ok
20:17:11.0724 3108 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:17:11.0725 3108 MSKSSRV - ok
20:17:11.0739 3108 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:17:11.0740 3108 MSPCLOCK - ok
20:17:11.0759 3108 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:17:11.0760 3108 MSPQM - ok
20:17:11.0800 3108 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:17:11.0802 3108 MsRPC - ok
20:17:11.0817 3108 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:17:11.0818 3108 mssmbios - ok
20:17:11.0836 3108 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:17:11.0836 3108 MSTEE - ok
20:17:11.0848 3108 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
20:17:11.0849 3108 Mup - ok
20:17:11.0870 3108 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
20:17:11.0877 3108 napagent - ok
20:17:11.0919 3108 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:17:11.0920 3108 NativeWifiP - ok
20:17:11.0984 3108 [ 13AA2130F2A104DD775EAD0F0EE5417B ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
20:17:11.0990 3108 NAUpdate - ok
20:17:12.0034 3108 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:17:12.0039 3108 NDIS - ok
20:17:12.0050 3108 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:17:12.0051 3108 NdisTapi - ok
20:17:12.0075 3108 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:17:12.0076 3108 Ndisuio - ok
20:17:12.0114 3108 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:17:12.0116 3108 NdisWan - ok
20:17:12.0131 3108 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:17:12.0132 3108 NDProxy - ok
20:17:12.0165 3108 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:17:12.0167 3108 Net Driver HPZ12 - ok
20:17:12.0182 3108 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:17:12.0183 3108 NetBIOS - ok
20:17:12.0209 3108 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:17:12.0210 3108 netbt - ok
20:17:12.0223 3108 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
20:17:12.0226 3108 Netlogon - ok
20:17:12.0255 3108 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
20:17:12.0261 3108 Netman - ok
20:17:12.0297 3108 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
20:17:12.0302 3108 netprofm - ok
20:17:12.0323 3108 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:17:12.0324 3108 NetTcpPortSharing - ok
20:17:12.0352 3108 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:17:12.0353 3108 nfrd960 - ok
20:17:12.0381 3108 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:17:12.0385 3108 NlaSvc - ok
20:17:12.0413 3108 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:17:12.0415 3108 Npfs - ok
20:17:12.0436 3108 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
20:17:12.0439 3108 nsi - ok
20:17:12.0460 3108 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:17:12.0460 3108 nsiproxy - ok
20:17:12.0510 3108 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:17:12.0520 3108 Ntfs - ok
20:17:12.0543 3108 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:17:12.0543 3108 ntrigdigi - ok
20:17:12.0568 3108 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
20:17:12.0569 3108 Null - ok
20:17:12.0597 3108 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:17:12.0598 3108 nvraid - ok
20:17:12.0621 3108 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:17:12.0622 3108 nvstor - ok
20:17:12.0647 3108 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:17:12.0649 3108 nv_agp - ok
20:17:12.0656 3108 NwlnkFlt - ok
20:17:12.0665 3108 NwlnkFwd - ok
20:17:12.0746 3108 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:17:12.0751 3108 odserv - ok
20:17:12.0781 3108 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:17:12.0782 3108 ohci1394 - ok
20:17:12.0826 3108 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:17:12.0828 3108 ose - ok
20:17:12.0875 3108 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:17:12.0883 3108 p2pimsvc - ok
20:17:12.0898 3108 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
20:17:12.0907 3108 p2psvc - ok
20:17:12.0942 3108 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:17:12.0943 3108 Parport - ok
20:17:12.0968 3108 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:17:12.0969 3108 partmgr - ok
20:17:12.0983 3108 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:17:12.0984 3108 Parvdm - ok
20:17:13.0013 3108 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
20:17:13.0016 3108 PcaSvc - ok
20:17:13.0051 3108 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
20:17:13.0052 3108 pci - ok
20:17:13.0083 3108 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
20:17:13.0083 3108 pciide - ok
20:17:13.0103 3108 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:17:13.0106 3108 pcmcia - ok
20:17:13.0154 3108 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:17:13.0164 3108 PEAUTH - ok
20:17:13.0233 3108 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
20:17:13.0250 3108 pla - ok
20:17:13.0276 3108 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:17:13.0282 3108 PlugPlay - ok
20:17:13.0312 3108 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:17:13.0315 3108 Pml Driver HPZ12 - ok
20:17:13.0345 3108 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
20:17:13.0349 3108 PnkBstrA - ok
20:17:13.0380 3108 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:17:13.0390 3108 PNRPAutoReg - ok
20:17:13.0419 3108 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:17:13.0437 3108 PNRPsvc - ok
20:17:13.0473 3108 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:17:13.0478 3108 PolicyAgent - ok
20:17:13.0494 3108 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:17:13.0495 3108 PptpMiniport - ok
20:17:13.0524 3108 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
20:17:13.0525 3108 Processor - ok
20:17:13.0554 3108 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:17:13.0559 3108 ProfSvc - ok
20:17:13.0576 3108 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:17:13.0578 3108 ProtectedStorage - ok
20:17:13.0600 3108 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:17:13.0602 3108 PSched - ok
20:17:13.0653 3108 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:17:13.0664 3108 ql2300 - ok
20:17:13.0681 3108 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:17:13.0683 3108 ql40xx - ok
20:17:13.0719 3108 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
20:17:13.0725 3108 QWAVE - ok
20:17:13.0742 3108 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:17:13.0743 3108 QWAVEdrv - ok
20:17:13.0756 3108 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:17:13.0757 3108 RasAcd - ok
20:17:13.0771 3108 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
20:17:13.0775 3108 RasAuto - ok
20:17:13.0792 3108 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:17:13.0793 3108 Rasl2tp - ok
20:17:13.0821 3108 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
20:17:13.0827 3108 RasMan - ok
20:17:13.0851 3108 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:17:13.0853 3108 RasPppoe - ok
20:17:13.0877 3108 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:17:13.0878 3108 RasSstp - ok
20:17:13.0905 3108 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:17:13.0908 3108 rdbss - ok
20:17:13.0914 3108 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:17:13.0914 3108 RDPCDD - ok
20:17:13.0953 3108 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:17:13.0956 3108 rdpdr - ok
20:17:13.0962 3108 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:17:13.0963 3108 RDPENCDD - ok
20:17:14.0013 3108 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:17:14.0015 3108 RDPWD - ok
20:17:14.0048 3108 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:17:14.0051 3108 RemoteAccess - ok
20:17:14.0068 3108 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:17:14.0073 3108 RemoteRegistry - ok
20:17:14.0089 3108 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:17:14.0091 3108 RpcLocator - ok
20:17:14.0114 3108 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
20:17:14.0122 3108 RpcSs - ok
20:17:14.0137 3108 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:17:14.0139 3108 rspndr - ok
20:17:14.0171 3108 [ ABBE0F54BA3A378262C9CB86CF7D91F8 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
20:17:14.0173 3108 RTL8169 - ok
20:17:14.0179 3108 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
20:17:14.0182 3108 SamSs - ok
20:17:14.0209 3108 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:17:14.0210 3108 sbp2port - ok
20:17:14.0252 3108 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:17:14.0257 3108 SCardSvr - ok
20:17:14.0291 3108 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
20:17:14.0300 3108 Schedule - ok
20:17:14.0317 3108 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:17:14.0318 3108 SCPolicySvc - ok
20:17:14.0353 3108 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:17:14.0357 3108 SDRSVC - ok
20:17:14.0372 3108 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:17:14.0373 3108 secdrv - ok
20:17:14.0385 3108 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
20:17:14.0389 3108 seclogon - ok
20:17:14.0404 3108 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
20:17:14.0408 3108 SENS - ok
20:17:14.0422 3108 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:17:14.0423 3108 Serenum - ok
20:17:14.0457 3108 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:17:14.0458 3108 Serial - ok
20:17:14.0484 3108 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:17:14.0485 3108 sermouse - ok
20:17:14.0525 3108 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:17:14.0530 3108 SessionEnv - ok
20:17:14.0554 3108 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:17:14.0555 3108 sffdisk - ok
20:17:14.0579 3108 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:17:14.0580 3108 sffp_mmc - ok
20:17:18.0065 3108 ================ Scan global ===============================
20:17:18.0095 3108 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:17:18.0127 3108 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:17:18.0144 3108 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:17:18.0169 3108 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:17:18.0175 3108 [Global] - ok
20:17:18.0176 3108 ================ Scan MBR ==================================
20:17:18.0190 3108 [ 9F42D254A022A735A29693DB1CABE1F6 ] \Device\Harddisk0\DR0
20:17:18.0573 3108 \Device\Harddisk0\DR0 - ok
20:17:18.0573 3108 ================ Scan VBR ==================================
20:17:18.0577 3108 [ 8DB86A3D082B5AE08C19ACA5922FD628 ] \Device\Harddisk0\DR0\Partition1
20:17:18.0580 3108 \Device\Harddisk0\DR0\Partition1 - ok
20:17:18.0582 3108 ============================================================
20:17:18.0582 3108 Scan finished
20:17:18.0582 3108 ============================================================
20:17:18.0593 2880 Detected object count: 0
20:17:18.0593 2880 Actual detected object count: 0

Rudy
Site Admin
Posts: 119520
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Combofix - PC freezes

#10 Post by Rudy »

You do not have an MBR rootkit.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
