Kontrola logu z Combofixu + případná pomoc

Zpráva

siricz · #1 Příspěvek od **siricz** » 27 pro 2012 20:58

Poslední dobou mi dost divně padá net ... Tak chci vědět jesti to je počasím/prowiderem nebo je to nějaká havěť... popř nějaký opravný script do combofixu

dík

ComboFix 12-12-25.02 - Shiri 26.12.2012 14:03:12.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8190.6007 [GMT 1:00]
Spuštěný z: c:\users\Shiri\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\STF2B06.tmp
C:\STF3573.tmp
C:\STF3CC.tmp
C:\STFAFBF.tmp
C:\STFB631.tmp
C:\STFC263.tmp
C:\STFC3C.tmp
C:\STFC7C.tmp
C:\STFE795.tmp
C:\STFF20D.tmp
C:\STFF829.tmp
c:\windows\AutoRun.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-26 do 2012-12-26 )))))))))))))))))))))))))))))))
.
.
2012-12-26 13:10 . 2012-12-26 13:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-26 13:10 . 2012-12-26 13:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-25 01:09 . 2012-12-25 01:09 -------- d-----w- c:\users\Shiri\AppData\Local\DDMSettings
2012-12-24 22:48 . 2012-12-24 22:48 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2012-12-24 22:46 . 2012-12-24 22:50 -------- d-----w- c:\users\Shiri\AppData\Roaming\Prison Break
2012-12-23 22:57 . 2012-12-23 22:57 -------- d-----w- C:\found.000
2012-12-23 17:08 . 2012-12-23 17:55 -------- d-----w- c:\users\Shiri\AppData\Local\Darksiders
2012-12-23 17:08 . 2012-12-23 17:08 -------- d-----w- c:\program files (x86)\THQ
2012-12-22 16:52 . 2012-12-22 16:52 151515 ----a-w- c:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2012-12-21 14:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 14:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 14:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 14:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 20:31 . 2012-12-20 20:31 -------- d-----w- c:\users\Public\Pixologic
2012-12-18 16:42 . 2012-12-26 12:43 -------- d-----w- c:\users\Shiri\AppData\Roaming\AIMP3
2012-12-12 16:00 . 2012-10-04 17:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-12-12 15:50 . 2012-12-12 15:50 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-12-02 18:34 . 2012-12-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-12-02 18:34 . 2012-12-02 18:34 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-01 21:02 . 2012-12-01 21:02 -------- d-----w- c:\programdata\SimCity Societies
2012-11-27 16:33 . 2012-11-27 16:33 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-27 15:43 . 2012-11-27 15:43 -------- d-----w- c:\program files (x86)\LastPass
2012-11-27 15:38 . 2012-11-27 15:46 -------- d-----w- c:\program files (x86)\SecurityXploded
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 12:20 . 2011-05-27 15:53 25640 ----a-w- c:\windows\gdrv.sys
2012-12-16 11:16 . 2012-08-06 18:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-16 11:16 . 2012-08-06 18:42 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 16:02 . 2011-05-27 15:20 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-02 18:34 . 2012-10-22 11:49 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-12-02 18:34 . 2011-07-04 13:52 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-23 22:42 . 2011-06-11 13:28 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-23 22:42 . 2011-05-28 17:25 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-23 22:42 . 2011-05-28 17:25 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-08 17:24 . 2012-11-23 14:37 9125352 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42152A76-1FD4-4935-AB61-2AAEF6FA1499}\mpengine.dll
2012-10-26 18:01 . 2012-11-04 20:28 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-10-26 18:00 . 2012-10-26 18:00 131416 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-10-26 17:59 . 2012-11-04 20:28 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-10-26 17:59 . 2012-10-26 17:59 203608 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-10-26 17:59 . 2012-10-26 17:59 146264 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-27 20:08 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 20:08 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 20:08 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 15:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 15:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 15:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 15:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 16:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 15:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 15:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 15:50 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 15:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 15:50 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 15:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 15:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 15:50 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 15:50 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 15:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 15:50 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-28 13:37 . 2012-09-28 13:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 13:36 . 2012-09-28 13:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 13:36 . 2012-09-28 13:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 13:36 . 2012-09-28 13:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 13:36 . 2012-09-28 13:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 13:36 . 2012-09-28 13:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 13:32 . 2012-09-28 13:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 02:23 . 2012-06-11 16:45 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2012-06-11 17:24 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2011-05-25 03:06 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2012-09-28 01:39 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2011-05-25 02:49 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2012-06-11 16:43 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2011-09-24 01:18 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2012-09-28 01:11 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2012-06-11 16:24 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"ghost"="c:\program files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe" [2010-02-07 192000]
"Tilt"="c:\program files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe" [2009-06-25 724992]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"QuickTime Task"="d:\programy\Quick time\QTTask.exe" [2012-10-25 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"NPSStartup"=
"QuickTime Task"="d:\programy\Quick time\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;d:\programy\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 SkypeUpdate;Skype Updater;c:\users\Shiri\Desktop\Updater\Updater.exe [2012-11-09 160944]
R3 AODDriver;AODDriver;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-03-12 52280]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 esihdrv;esihdrv;c:\users\Shiri\AppData\Local\Temp\esihdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-01-14 25640]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-07-21 1431888]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-05 14448]
R3 GGSAFERDriver;GGSAFER Driver;d:\programy\Garena Plus\Room\safedrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-02-08 30528]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2009-12-14 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\programy\TuneUp\TuneUpUtilitiesDriver64.sys [x]
R3 TunngleService;TunngleService;d:\programy\Tunngle\TnglCtrl.exe [2012-11-14 744856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-06 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-10-26 237400]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-10-26 119640]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-09-07 72280]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-10-26 146264]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-04-16 10:07 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 03:17]
.
2012-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 03:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.68.1 8.8.8.8
FF - ProfilePath - c:\users\Shiri\AppData\Roaming\Mozilla\Firefox\Profiles\ugrooo0t.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - ExtSQL: 2012-11-27 16:31; {B17C1C5A-04B1-11DB-9804-B622A1EF5492}; c:\users\Shiri\AppData\Roaming\Mozilla\Firefox\Profiles\ugrooo0t.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PlanetSide 2 - d:\games\PlanetSide 2\Uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3690789325-1913142257-3770156514-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:10,4d,5c,fb,5e,b6,58,41,6b,91,33,71,27,f1,0d,6f,89,a0,15,01,d4,0c,3b,
0c,c3,66,0a,91,42,64,e3,af,b0,7a,3a,20,e5,db,5d,78,4f,9f,86,7e,cb,34,de,74,\
"??"=hex:44,df,bd,07,ab,a6,ab,ad,a5,32,e3,b7,b3,c7,22,3c
.
[HKEY_USERS\S-1-5-21-3690789325-1913142257-3770156514-1000\Software\SecuROM\License information*]
"datasecu"=hex:28,b0,e0,77,c8,68,a7,12,29,df,53,96,61,0b,33,82,d0,ae,e9,e5,54,
ac,61,bd,8a,48,81,87,a9,9f,33,f7,0d,be,06,cb,82,7f,3b,93,c2,49,b7,5f,09,52,\
"rkeysecu"=hex:bf,35,45,2e,d8,94,64,5a,f6,98,81,c6,a9,dd,da,87
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-26 14:13:12
ComboFix-quarantined-files.txt 2012-12-26 13:13
ComboFix2.txt 2012-06-10 11:26
ComboFix3.txt 2011-10-03 05:01
ComboFix4.txt 2011-08-21 01:24
.
Před spuštěním: Volných bajtů: 13 051 617 280
Po spuštění: Volných bajtů: 13 173 747 712
.
- - End Of File - - 605FF4E5D9A943B5034AD5ED973E8C5D

siricz · #2 Příspěvek od **siricz** » 27 pro 2012 21:43

Logfile of random's system information tool 1.09 (written by random/random)
Run by Shiri at 2012-12-27 21:25:49
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 14 GB (13%) free of 103 GB
Total RAM: 8190 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:26:02, on 27.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Gigabyte\GHOST(6980)\GHOSTOPEN.exe
C:\Program Files (x86)\Gigabyte\GHOST(6980)\Tilt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
D:\Programy\Notepad++\notepad++.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Shiri.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ghost] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programy\Quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - D:\Programy\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Unknown owner - C:\Users\Shiri\Desktop\Updater\Updater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11371 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"D:\Programy\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Gigabyte\GHOST(6980)\GHOSTOPEN.exe"
"C:\Program Files (x86)\Gigabyte\GHOST(6980)\Tilt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1496
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="4076.0.336871794\2062249806" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="4076.1.1805220108\630550604" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="4076.2.329707547\989063516" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4076.3.16270910\913265953" --gpu-vendor-id=0x1002 --gpu-device-id=0x6739 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.2.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="4076.4.657881966\225658253" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Shiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\nplastpass.dll" --lang=cs --channel="4076.5.384221755\1049479840" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4076.6.128808001\1180214632" --lang=cs --ignored=" --type=renderer " /prefetch:13
"D:\Programy\Teamspeak 3\ts3client_win64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"D:\Programy\Notepad++\notepad++.exe" "C:\ComboFix.txt"
"C:\Program Files\Java\jre7\bin\javaw.exe" -Xms512m -Xmx1024m -jar "C:\Users\Shiri\Desktop\Games\Minecraft.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="4076.66.481589935\2022572962" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/default/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="4076.72.7752807\949666067" /prefetch:3
"C:\Users\Shiri\Desktop\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey C3A74909-D507-A87B-729F-5E6BF3A138C3 -Reinvoke
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Shiri\AppData\Roaming\Mozilla\Firefox\Profiles\ugrooo0t.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.110.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
force_tls-3.0.0-fx.xpi
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
force_tls-3.0.0-fx.xpi
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Shiri\AppData\Roaming\Mozilla\Firefox\Profiles\ugrooo0t.default\extensions\
battlefieldplay4free@ea.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-30 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-02 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-02 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Privoxy.lnk]
D:\Programy\Privoxy\privoxy.exe [2010-11-14 358912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"ghost"=C:\Program Files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe [2010-02-07 192000]
"Tilt"=C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe [2009-06-25 724992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"QuickTime Task"=D:\Programy\Quick time\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-28 249344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-12-27 21:25:49 ----D---- C:\rsit
2012-12-27 21:25:49 ----D---- C:\Program Files\trend micro
2012-12-27 20:50:58 ----SD---- C:\ComboFix
2012-12-27 20:44:26 ----A---- C:\Windows\system32\SETAD51.tmp
2012-12-27 20:44:26 ----A---- C:\Windows\system32\RTNUninst64.dll
2012-12-27 20:44:26 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-12-27 20:42:43 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-12-27 20:42:24 ----A---- C:\Windows\system32\drivers\RtVlan620.sys
2012-12-27 20:42:24 ----A---- C:\Windows\system32\drivers\RtTeam60.sys
2012-12-27 20:42:24 ----A---- C:\Windows\system32\drivers\RtNdPt60.sys
2012-12-27 20:36:16 ----D---- C:\Windows\LastGood
2012-12-27 20:35:24 ----D---- C:\Program Files (x86)\Renesas Electronics
2012-12-27 20:34:00 ----A---- C:\Windows\system32\drivers\jraid.sys
2012-12-26 14:13:14 ----D---- C:\Windows\temp
2012-12-26 14:13:13 ----A---- C:\ComboFix.txt
2012-12-26 14:00:44 ----A---- C:\Windows\zip.exe
2012-12-26 14:00:44 ----A---- C:\Windows\SWSC.exe
2012-12-26 14:00:44 ----A---- C:\Windows\SWREG.exe
2012-12-26 14:00:44 ----A---- C:\Windows\sed.exe
2012-12-26 14:00:44 ----A---- C:\Windows\PEV.exe
2012-12-26 14:00:44 ----A---- C:\Windows\NIRCMD.exe
2012-12-26 14:00:44 ----A---- C:\Windows\MBR.exe
2012-12-26 14:00:44 ----A---- C:\Windows\grep.exe
2012-12-24 23:48:07 ----D---- C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2012-12-24 23:46:43 ----D---- C:\Users\Shiri\AppData\Roaming\Prison Break
2012-12-23 23:57:25 ----D---- C:\found.000
2012-12-23 18:08:16 ----D---- C:\Program Files (x86)\THQ
2012-12-22 17:52:59 ----A---- C:\Windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2012-12-22 16:04:55 ----A---- C:\Windows\eReg.dat
2012-12-21 15:00:13 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-21 15:00:13 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 15:00:12 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-21 15:00:12 ----A---- C:\Windows\system32\atmfd.dll
2012-12-18 17:42:50 ----D---- C:\Users\Shiri\AppData\Roaming\AIMP3
2012-12-12 17:01:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-12 17:01:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-12 17:01:39 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-12 17:01:38 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-12 17:01:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-12 17:01:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-12 17:01:38 ----A---- C:\Windows\system32\url.dll
2012-12-12 17:01:38 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-12 17:01:38 ----A---- C:\Windows\system32\ieui.dll
2012-12-12 17:01:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-12 17:01:37 ----A---- C:\Windows\system32\urlmon.dll
2012-12-12 17:01:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-12 17:01:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-12 17:01:36 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-12 17:01:36 ----A---- C:\Windows\system32\jscript9.dll
2012-12-12 17:01:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-12 17:01:35 ----A---- C:\Windows\system32\wininet.dll
2012-12-12 17:01:35 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-12 17:01:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-12 17:01:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-12 17:01:34 ----A---- C:\Windows\system32\vbscript.dll
2012-12-12 17:01:34 ----A---- C:\Windows\system32\jscript.dll
2012-12-12 17:01:34 ----A---- C:\Windows\system32\iertutil.dll
2012-12-12 17:01:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-12 17:01:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-12 17:01:28 ----A---- C:\Windows\system32\mshtml.dll
2012-12-12 17:01:27 ----A---- C:\Windows\system32\ieframe.dll
2012-12-12 17:01:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-12 17:00:50 ----A---- C:\Windows\system32\winsrv.dll
2012-12-12 17:00:50 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-12 17:00:50 ----A---- C:\Windows\system32\kernel32.dll
2012-12-12 17:00:50 ----A---- C:\Windows\system32\conhost.exe
2012-12-12 17:00:49 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-12 17:00:49 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-12 17:00:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-12 17:00:47 ----A---- C:\Windows\system32\wow64win.dll
2012-12-12 17:00:47 ----A---- C:\Windows\system32\wow64.dll
2012-12-12 17:00:47 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-12 17:00:44 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-12 17:00:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-12 17:00:44 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-12 17:00:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 17:00:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-12 17:00:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 17:00:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 17:00:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 17:00:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 17:00:40 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 17:00:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 17:00:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 17:00:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 17:00:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 17:00:38 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 17:00:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 17:00:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 17:00:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 17:00:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 17:00:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 17:00:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 17:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 17:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 17:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 17:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 17:00:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 17:00:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 17:00:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 17:00:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 17:00:27 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-12 17:00:14 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-12 17:00:14 ----A---- C:\Windows\system32\tzres.dll
2012-12-12 17:00:05 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-12 17:00:05 ----A---- C:\Windows\system32\dpnet.dll
2012-12-12 17:00:04 ----A---- C:\Windows\system32\win32k.sys
2012-12-12 16:50:00 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-02 19:34:48 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-12-01 22:02:21 ----D---- C:\ProgramData\SimCity Societies

======List of files/folders modified in the last 1 month======

2012-12-27 21:25:49 ----RD---- C:\Program Files
2012-12-27 20:59:38 ----D---- C:\Users\Shiri\AppData\Roaming\TS3Client
2012-12-27 20:51:00 ----AD---- C:\Qoobox
2012-12-27 20:50:50 ----D---- C:\Windows\system32\drivers
2012-12-27 20:45:43 ----D---- C:\Windows\system32\config
2012-12-27 20:45:00 ----D---- C:\Windows\System32
2012-12-27 20:44:53 ----D---- C:\Windows\inf
2012-12-27 20:44:51 ----D---- C:\Windows\system32\catroot
2012-12-27 20:44:50 ----D---- C:\Windows\system32\DriverStore
2012-12-27 20:44:25 ----D---- C:\Program Files (x86)\Realtek
2012-12-27 20:44:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-27 20:36:35 ----SHD---- C:\Windows\Installer
2012-12-27 20:36:18 ----D---- C:\Windows\SysWOW64
2012-12-27 20:36:18 ----D---- C:\Windows\RaidTool
2012-12-27 20:36:16 ----D---- C:\Windows
2012-12-27 20:35:24 ----RD---- C:\Program Files (x86)
2012-12-27 19:07:51 ----D---- C:\Users\Shiri\AppData\Roaming\Skype
2012-12-27 14:41:25 ----D---- C:\Users\Shiri\AppData\Roaming\uTorrent
2012-12-27 14:40:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-26 16:54:49 ----D---- C:\Users\Shiri\AppData\Roaming\.minecraft
2012-12-26 14:10:38 ----A---- C:\Windows\system.ini
2012-12-26 14:10:35 ----D---- C:\Windows\system32\drivers\etc
2012-12-26 14:07:45 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-26 14:07:45 ----D---- C:\Windows\AppPatch
2012-12-26 14:07:44 ----D---- C:\Program Files (x86)\Common Files
2012-12-26 13:43:39 ----D---- C:\Users\Shiri\AppData\Roaming\DAEMON Tools Lite
2012-12-26 13:43:34 ----D---- C:\Windows\Logs
2012-12-26 13:43:34 ----D---- C:\Windows\debug
2012-12-25 18:55:40 ----D---- C:\Windows\rescache
2012-12-25 01:15:31 ----RSD---- C:\Windows\Fonts
2012-12-24 23:47:19 ----RSD---- C:\Windows\assembly
2012-12-23 18:08:18 ----D---- C:\Windows\SYSWOW64\directx
2012-12-23 14:24:04 ----D---- C:\Users\Shiri\AppData\Roaming\.techniclauncher
2012-12-23 11:16:21 ----D---- C:\Program Files (x86)\TeamViewer
2012-12-21 21:28:06 ----D---- C:\Windows\system32\catroot2
2012-12-21 21:27:55 ----D---- C:\Windows\winsxs
2012-12-16 12:16:56 ----D---- C:\Windows\Tasks
2012-12-16 12:16:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-12-16 03:46:41 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-12-13 15:05:29 ----D---- C:\Windows\Prefetch
2012-12-12 23:21:53 ----D---- C:\Windows\SYSWOW64\migration
2012-12-12 23:21:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-12-12 23:21:53 ----D---- C:\Windows\system32\cs-CZ
2012-12-12 23:21:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-12 23:21:52 ----D---- C:\Windows\system32\migration
2012-12-12 23:21:52 ----D---- C:\Program Files\Internet Explorer
2012-12-12 17:02:53 ----A---- C:\Windows\system32\MRT.exe
2012-12-12 17:02:50 ----D---- C:\ProgramData\Microsoft Help
2012-12-11 19:13:15 ----D---- C:\ProgramData\Media Center Programs
2012-12-05 15:08:20 ----D---- C:\ProgramData\Origin
2012-12-05 15:08:19 ----D---- C:\Users\Shiri\AppData\Roaming\Origin
2012-12-02 19:34:43 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-12-02 19:34:43 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-12-02 19:34:43 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-12-02 19:34:43 ----A---- C:\Windows\SYSWOW64\java.exe
2012-12-02 19:34:43 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-12-02 19:34:41 ----D---- C:\Program Files (x86)\Java
2012-12-01 22:02:21 ----D---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-06-17 16440]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2011-05-19 120920]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-06 283200]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-10-26 237400]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-10-26 119640]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-06 88480]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-06-06 46400]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-01-01 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-25 253728]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-10-26 146264]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-03-12 52280]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 atillk64;atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys []
S3 ATP;Comodo Unite Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esihdrv;esihdrv; \??\C:\Users\Shiri\AppData\Local\Temp\esihdrv.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-01-14 25640]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-06 14448]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-06 27760]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-02-08 30528]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-12-14 16392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programy\TuneUp\TuneUpUtilitiesDriver64.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 JMB36X;JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [2010-09-07 72280]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-04-16 73728]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; D:\Programy\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-09-21 76888]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 136176]
S2 SkypeUpdate;Skype Updater; C:\Users\Shiri\Desktop\Updater\Updater.exe []
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-07-21 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-23 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2012-11-14 744856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]

-----------------EOF-----------------

siricz · #3 Příspěvek od **siricz** » 27 pro 2012 22:03

Naughty píše: Udelej test pomoci mbrscanu + tdsskilleru na bootkity - vloz mi sem jejich logy
:

MBRScan:

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
BOOT           : Normal Boot
DATE           : 2012/12/27 (ISO 8601) at 21:51:22
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST3750525AS (CJ54)
BUS_TYPE       : (0x08)  RAID
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : dword aligned
________________________________________________________________________________

Device\Harddisk0\DR0	698.6 Go  [Fixed] ==> 7 MBR Code .

MBR_MD5   : CFF550D2FF0F8753ACC6A5D54CD4977B
MBR_SHA1  : 3CD6CA37A99B9A69F39C8D84EBBF63B066A34E7F

Device\Harddisk0\Partition1	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	100.6 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	598.0 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x03200000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BCC000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_AuthenticAMD.dll => Invisible on the disk
ADDRESS : 0x00C32000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00C53000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00CB1000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00EFC000
SIZE    : 776.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00FBE000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00E57000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00E60000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00E6A000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00E9D000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00EAA000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00EBF000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00D71000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00ED4000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00EDB000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\jraid.sys => Invisible on the disk
ADDRESS : 0x00FCE000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x00DCD000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\vmbus.sys => Invisible on the disk
ADDRESS : 0x01019000
SIZE    : 240.0 Ko

DRIVER  : C:\Windows\system32\drivers\winhv.sys => Invisible on the disk
ADDRESS : 0x01055000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x01069000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01072000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x0109C000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010A7000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x010F3000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x0121D000
SIZE    : 1.64 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01107000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013C0000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01165000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x013DB000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x013EC000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01459000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0154B000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x015AB000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01628000
SIZE    : 2.00 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01829000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01873000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01883000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x018CF000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018E1000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x0191B000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x0192D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01936000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01970000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01986000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AtiPcie64.sys => Invisible on the disk
ADDRESS : 0x019B6000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\dtsoftbus01.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x015D5000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01613000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x0161C000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ehdrv.sys => Invisible on the disk
ADDRESS : 0x011D7000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x01449000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x06A0D000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x06A32000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x06A42000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x06A4B000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x06A54000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x06A5D000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x06A68000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x06A79000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x06A9B000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x06AA8000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x06B31000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x06B76000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x06B81000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x06B8A000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x06BB0000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serial.sys => Invisible on the disk
ADDRESS : 0x06BBF000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x06BDC000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\VBoxUSBMon.sys => Invisible on the disk
ADDRESS : 0x06C9D000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\VBoxDrv.sys => Invisible on the disk
ADDRESS : 0x06CC1000
SIZE    : 252.0 Ko

DRIVER  : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x06D00000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x06D14000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x06D65000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x06D71000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x06D7C000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x06C00000
SIZE    : 524.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x06D8B000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x06DA9000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AppleCharger.sys => Invisible on the disk
ADDRESS : 0x06DBA000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x06DC2000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\amdppm.sys => Invisible on the disk
ADDRESS : 0x06DE8000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x06C83000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0x06E62000
SIZE    : 472.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x07268000
SIZE    : 10.54 Mo

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x07CF1000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x07200000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x06ED8000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x07246000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbfilter.sys => Invisible on the disk
ADDRESS : 0x07248000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbohci.sys => Invisible on the disk
ADDRESS : 0x07257000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x06F2C000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x07DE5000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\1394ohci.sys => Invisible on the disk
ADDRESS : 0x06F82000
SIZE    : 248.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serenum.sys => Invisible on the disk
ADDRESS : 0x0817F000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\parport.sys => Invisible on the disk
ADDRESS : 0x0818B000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x081A8000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x081C6000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x081D5000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vcsvad.sys => Invisible on the disk
ADDRESS : 0x081E5000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\portcls.sys => Invisible on the disk
ADDRESS : 0x08000000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\drmk.sys => Invisible on the disk
ADDRESS : 0x0803D000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x0805F000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x080A2000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x080A8000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x080BE000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x080E2000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x06FC0000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x06E00000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x06E1B000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x06E3C000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tap0901t.sys => Invisible on the disk
ADDRESS : 0x080EE000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\VBoxNetAdp.sys => Invisible on the disk
ADDRESS : 0x084F2000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hamachi.sys => Invisible on the disk
ADDRESS : 0x08519000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x08524000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x0852F000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\VBoxNetFlt.sys => Invisible on the disk
ADDRESS : 0x0853E000
SIZE    : 160.0 Ko

DRIVER  : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x08566000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\amdiox64.sys => Invisible on the disk
ADDRESS : 0x08568000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x0857C000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x085A5000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x08400000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\RtHDMIVX.sys => Invisible on the disk
ADDRESS : 0x08415000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x09C04000
SIZE    : 2.76 Mo

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x09F0B000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x09F2F000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x09F3D000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_JRAID.sys => Invisible on the disk
ADDRESS : 0x09F47000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x09F68000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00020000
SIZE    : 3.09 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x09F7B000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x09F87000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004E0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00770000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x09F95000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\eamonm.sys => Invisible on the disk
ADDRESS : 0x03888000
SIZE    : 868.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x03961000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x03976000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x07E7C000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x07F45000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x07F63000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x07F7B000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x07FA8000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x07E00000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atksgt.sys => Invisible on the disk
ADDRESS : 0x07E56000
SIZE    : 92.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\epfwwfpr.sys => Invisible on the disk
ADDRESS : 0x0398E000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lirsgt.sys => Invisible on the disk
ADDRESS : 0x039AF000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0C41B000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0C4C1000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0C4CC000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0C4FD000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x0C50F000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x08452000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0C578000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x0C595000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x0C5A3000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x0C5BC000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x0C5C9000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x0C5E6000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nusb3xhc.sys => Invisible on the disk
ADDRESS : 0x039BD000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nusb3hub.sys => Invisible on the disk
ADDRESS : 0x0C400000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x0DCD0000
SIZE    : 640.0 Ko

DRIVER  : C:\Windows\system32\Drivers\PROCEXP113.SYS => Invisible on the disk
ADDRESS : 0x0DD70000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x483E0000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTOUT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A F5 43 68 25 00 00 80 20   em...c{.õCh%... 
0x000001C0   21 00 07 A3 13 0D 00 08 00 00 00 20 03 00 00 A3   !..£....... ...£
0x000001D0   14 0D 07 EF FF FF 00 28 03 00 B0 49 92 0C 00 EF   ...ï...(..°I...ï
0x000001E0   FF FF 0F EF FF FF B0 71 95 0C A0 DD BE 4A 00 00   ...ï..°q...Ý¾J..
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

siricz · #4 Příspěvek od **siricz** » 27 pro 2012 22:04

a tady TDSS

Kód: Vybrat vše

22:00:16.0143 4324  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:00:16.0277 4324  ============================================================
22:00:16.0277 4324  Current date / time: 2012/12/27 22:00:16.0277
22:00:16.0277 4324  SystemInfo:
22:00:16.0277 4324  
22:00:16.0277 4324  OS Version: 6.1.7601 ServicePack: 1.0
22:00:16.0277 4324  Product type: Workstation
22:00:16.0277 4324  ComputerName: SHIRI-PC
22:00:16.0277 4324  UserName: Shiri
22:00:16.0277 4324  Windows directory: C:\Windows
22:00:16.0277 4324  System windows directory: C:\Windows
22:00:16.0277 4324  Running under WOW64
22:00:16.0277 4324  Processor architecture: Intel x64
22:00:16.0277 4324  Number of processors: 4
22:00:16.0277 4324  Page size: 0x1000
22:00:16.0277 4324  Boot type: Normal boot
22:00:16.0277 4324  ============================================================
22:00:16.0370 4324  BG loaded
22:00:16.0668 4324  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000048
22:00:16.0671 4324  ============================================================
22:00:16.0671 4324  \Device\Harddisk0\DR0:
22:00:16.0672 4324  MBR partitions:
22:00:16.0672 4324  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:00:16.0672 4324  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC9249B0
22:00:16.0682 4324  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC9571EF, BlocksNum 0x4ABEDD61
22:00:16.0682 4324  ============================================================
22:00:16.0713 4324  C: <-> \Device\Harddisk0\DR0\Partition2
22:00:16.0726 4324  D: <-> \Device\Harddisk0\DR0\Partition3
22:00:16.0726 4324  ============================================================
22:00:16.0726 4324  Initialize success
22:00:16.0726 4324  ============================================================
22:00:34.0378 1856  ============================================================
22:00:34.0378 1856  Scan started
22:00:34.0378 1856  Mode: Manual; 
22:00:34.0378 1856  ============================================================
22:00:34.0922 1856  ================ Scan system memory ========================
22:00:34.0922 1856  System memory - ok
22:00:34.0923 1856  ================ Scan services =============================
22:00:35.0077 1856  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:00:35.0081 1856  1394ohci - ok
22:00:35.0113 1856  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:00:35.0117 1856  ACPI - ok
22:00:35.0144 1856  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:00:35.0144 1856  AcpiPmi - ok
22:00:35.0218 1856  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:00:35.0220 1856  AdobeARMservice - ok
22:00:35.0260 1856  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:00:35.0268 1856  adp94xx - ok
22:00:35.0285 1856  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:00:35.0316 1856  adpahci - ok
22:00:35.0320 1856  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:00:35.0322 1856  adpu320 - ok
22:00:35.0360 1856  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:00:35.0361 1856  AeLookupSvc - ok
22:00:35.0425 1856  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:00:35.0433 1856  AFD - ok
22:00:35.0458 1856  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:00:35.0460 1856  agp440 - ok
22:00:35.0480 1856  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:00:35.0483 1856  ALG - ok
22:00:35.0517 1856  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:00:35.0518 1856  aliide - ok
22:00:35.0577 1856  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:00:35.0581 1856  AMD External Events Utility - ok
22:00:35.0631 1856  AMD FUEL Service - ok
22:00:35.0657 1856  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:00:35.0658 1856  amdide - ok
22:00:35.0673 1856  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
22:00:35.0674 1856  amdiox64 - ok
22:00:35.0704 1856  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:00:35.0739 1856  AmdK8 - ok
22:00:35.0947 1856  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:00:35.0990 1856  amdkmdag - ok
22:00:36.0023 1856  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:00:36.0026 1856  amdkmdap - ok
22:00:36.0046 1856  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:00:36.0087 1856  AmdPPM - ok
22:00:36.0139 1856  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:00:36.0142 1856  amdsata - ok
22:00:36.0168 1856  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:00:36.0172 1856  amdsbs - ok
22:00:36.0185 1856  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:00:36.0186 1856  amdxata - ok
22:00:36.0255 1856  [ B934322C68C30DCECA96C0274A51F7B0 ] AODDriver       C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys
22:00:36.0297 1856  AODDriver - ok
22:00:36.0330 1856  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
22:00:36.0332 1856  AODDriver4.01 - ok
22:00:36.0344 1856  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
22:00:36.0345 1856  AODDriver4.2 - ok
22:00:36.0376 1856  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:00:36.0392 1856  AppID - ok
22:00:36.0421 1856  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:00:36.0421 1856  AppIDSvc - ok
22:00:36.0454 1856  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
22:00:36.0460 1856  Appinfo - ok
22:00:36.0492 1856  [ 301AA64F9643BC453D90A66C4C0E7204 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
22:00:36.0495 1856  AppleCharger - ok
22:00:36.0510 1856  [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
22:00:36.0512 1856  AppleChargerSrv - ok
22:00:36.0558 1856  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:00:36.0562 1856  AppMgmt - ok
22:00:36.0572 1856  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:00:36.0574 1856  arc - ok
22:00:36.0588 1856  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:00:36.0590 1856  arcsas - ok
22:00:36.0671 1856  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:00:36.0672 1856  aspnet_state - ok
22:00:36.0698 1856  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:00:36.0730 1856  AsyncMac - ok
22:00:36.0764 1856  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:00:36.0765 1856  atapi - ok
22:00:36.0794 1856  [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:00:36.0802 1856  AtiHDAudioService - ok
22:00:36.0852 1856  atillk64 - ok
22:00:36.0893 1856  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
22:00:36.0896 1856  AtiPcie - ok
22:00:36.0933 1856  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
22:00:36.0936 1856  atksgt - ok
22:00:36.0952 1856  ATP - ok
22:00:37.0016 1856  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:00:37.0027 1856  AudioEndpointBuilder - ok
22:00:37.0051 1856  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:00:37.0061 1856  AudioSrv - ok
22:00:37.0098 1856  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:00:37.0102 1856  AxInstSV - ok
22:00:37.0149 1856  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:00:37.0156 1856  b06bdrv - ok
22:00:37.0184 1856  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:00:37.0213 1856  b57nd60a - ok
22:00:37.0258 1856  [ 382B151DAFFE4A9CE9DA9F564B66761E ] BCUService      C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
22:00:37.0259 1856  BCUService - ok
22:00:37.0295 1856  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:00:37.0298 1856  BDESVC - ok
22:00:37.0311 1856  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:00:37.0313 1856  Beep - ok
22:00:37.0377 1856  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:00:37.0388 1856  BFE - ok
22:00:37.0423 1856  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:00:37.0439 1856  BITS - ok
22:00:37.0456 1856  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:00:37.0456 1856  blbdrive - ok
22:00:37.0496 1856  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:00:37.0497 1856  bowser - ok
22:00:37.0509 1856  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:00:37.0512 1856  BrFiltLo - ok
22:00:37.0531 1856  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:00:37.0533 1856  BrFiltUp - ok
22:00:37.0571 1856  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
22:00:37.0573 1856  BridgeMP - ok
22:00:37.0605 1856  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:00:37.0608 1856  Browser - ok
22:00:37.0624 1856  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:00:37.0670 1856  Brserid - ok
22:00:37.0686 1856  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:00:37.0719 1856  BrSerWdm - ok
22:00:37.0740 1856  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:00:37.0755 1856  BrUsbMdm - ok
22:00:37.0767 1856  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:00:37.0768 1856  BrUsbSer - ok
22:00:37.0783 1856  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:00:37.0784 1856  BTHMODEM - ok
22:00:37.0790 1856  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:00:37.0792 1856  bthserv - ok
22:00:37.0919 1856  catchme - ok
22:00:37.0941 1856  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:00:37.0943 1856  cdfs - ok
22:00:37.0998 1856  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:00:38.0041 1856  cdrom - ok
22:00:38.0075 1856  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:00:38.0078 1856  CertPropSvc - ok
22:00:38.0094 1856  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:00:38.0097 1856  circlass - ok
22:00:38.0128 1856  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:00:38.0183 1856  CLFS - ok
22:00:38.0248 1856  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:00:38.0254 1856  clr_optimization_v2.0.50727_32 - ok
22:00:38.0306 1856  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:00:38.0308 1856  clr_optimization_v2.0.50727_64 - ok
22:00:38.0370 1856  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:00:38.0373 1856  clr_optimization_v4.0.30319_32 - ok
22:00:38.0389 1856  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:00:38.0392 1856  clr_optimization_v4.0.30319_64 - ok
22:00:38.0407 1856  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:00:38.0419 1856  CmBatt - ok
22:00:38.0431 1856  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:00:38.0431 1856  cmdide - ok
22:00:38.0486 1856  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:00:38.0494 1856  CNG - ok
22:00:38.0506 1856  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:00:38.0506 1856  Compbatt - ok
22:00:38.0530 1856  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:00:38.0531 1856  CompositeBus - ok
22:00:38.0534 1856  COMSysApp - ok
22:00:38.0539 1856  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:00:38.0541 1856  crcdisk - ok
22:00:38.0564 1856  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:00:38.0565 1856  CryptSvc - ok
22:00:38.0606 1856  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
22:00:38.0614 1856  CSC - ok
22:00:38.0652 1856  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
22:00:38.0664 1856  CscService - ok
22:00:38.0693 1856  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:00:38.0697 1856  DcomLaunch - ok
22:00:38.0729 1856  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:00:38.0732 1856  defragsvc - ok
22:00:38.0752 1856  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:00:38.0754 1856  DfsC - ok
22:00:38.0779 1856  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:00:38.0786 1856  Dhcp - ok
22:00:38.0805 1856  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:00:38.0847 1856  discache - ok
22:00:38.0862 1856  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:00:38.0878 1856  Disk - ok
22:00:38.0905 1856  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:00:38.0907 1856  Dnscache - ok
22:00:38.0956 1856  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:00:38.0962 1856  dot3svc - ok
22:00:38.0983 1856  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:00:38.0986 1856  DPS - ok
22:00:39.0012 1856  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:00:39.0013 1856  drmkaud - ok
22:00:39.0058 1856  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:00:39.0065 1856  dtsoftbus01 - ok
22:00:39.0105 1856  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:00:39.0122 1856  DXGKrnl - ok
22:00:39.0148 1856  EagleX64 - ok
22:00:39.0182 1856  [ ACA3FE4F18A945B7BF2618A79F6F670B ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
22:00:39.0183 1856  eamonm - ok
22:00:39.0211 1856  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:00:39.0212 1856  EapHost - ok
22:00:39.0298 1856  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:00:39.0320 1856  ebdrv - ok
22:00:39.0343 1856  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:00:39.0344 1856  EFS - ok
22:00:39.0371 1856  [ 6672438BDCBFD87250D22112D458294D ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
22:00:39.0416 1856  ehdrv - ok
22:00:39.0465 1856  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:00:39.0475 1856  ehRecvr - ok
22:00:39.0509 1856  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:00:39.0510 1856  ehSched - ok
22:00:39.0536 1856  [ DEB2B067745D92FF17A5068DFD2360BC ] EhttpSrv        C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
22:00:39.0538 1856  EhttpSrv - ok
22:00:39.0575 1856  [ 191D8ECCC40F05B52FAC0513F35BA01D ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
22:00:39.0587 1856  ekrn - ok
22:00:39.0625 1856  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:00:39.0633 1856  elxstor - ok
22:00:39.0660 1856  [ 954FADE8E59F159B0A71D0CFCC99A76E ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
22:00:39.0663 1856  epfwwfpr - ok
22:00:39.0679 1856  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:00:39.0680 1856  ErrDev - ok
22:00:39.0717 1856  [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
22:00:39.0718 1856  ES lite Service - ok
22:00:39.0789 1856  esihdrv - ok
22:00:39.0819 1856  [ 84486624268E078255BC7AA47F0960BC ] etdrv           C:\Windows\etdrv.sys
22:00:39.0820 1856  etdrv - ok
22:00:39.0863 1856  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:00:39.0870 1856  EventSystem - ok
22:00:39.0896 1856  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:00:39.0951 1856  exfat - ok
22:00:39.0962 1856  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:00:39.0963 1856  fastfat - ok
22:00:39.0990 1856  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:00:39.0994 1856  Fax - ok
22:00:40.0013 1856  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:00:40.0069 1856  fdc - ok
22:00:40.0073 1856  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:00:40.0074 1856  fdPHost - ok
22:00:40.0078 1856  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:00:40.0079 1856  FDResPub - ok
22:00:40.0091 1856  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:00:40.0102 1856  FileInfo - ok
22:00:40.0105 1856  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:00:40.0105 1856  Filetrace - ok
22:00:40.0165 1856  [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
22:00:40.0179 1856  FLEXnet Licensing Service 64 - ok
22:00:40.0192 1856  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:00:40.0192 1856  flpydisk - ok
22:00:40.0258 1856  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:00:40.0312 1856  FltMgr - ok
22:00:40.0343 1856  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
22:00:40.0350 1856  FontCache - ok
22:00:40.0391 1856  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:00:40.0396 1856  FontCache3.0.0.0 - ok
22:00:40.0406 1856  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:00:40.0446 1856  FsDepends - ok
22:00:40.0473 1856  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:00:40.0478 1856  Fs_Rec - ok
22:00:40.0518 1856  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:00:40.0522 1856  fvevol - ok
22:00:40.0542 1856  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:00:40.0544 1856  gagp30kx - ok
22:00:40.0565 1856  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
22:00:40.0566 1856  gdrv - ok
22:00:40.0617 1856  [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
22:00:40.0618 1856  ggflt - ok
22:00:40.0713 1856  GGSAFERDriver - ok
22:00:40.0762 1856  [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
22:00:40.0763 1856  ggsemc - ok
22:00:40.0796 1856  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:00:40.0801 1856  gpsvc - ok
22:00:40.0870 1856  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:00:40.0872 1856  gupdate - ok
22:00:40.0885 1856  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:00:40.0887 1856  gupdatem - ok
22:00:40.0920 1856  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys
22:00:40.0921 1856  GVTDrv64 - ok
22:00:40.0955 1856  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
22:00:40.0956 1856  hamachi - ok
22:00:41.0099 1856  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
22:00:41.0117 1856  Hamachi2Svc - ok
22:00:41.0147 1856  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:00:41.0147 1856  hcw85cir - ok
22:00:41.0188 1856  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:00:41.0190 1856  HdAudAddService - ok
22:00:41.0205 1856  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:00:41.0206 1856  HDAudBus - ok
22:00:41.0225 1856  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:00:41.0226 1856  HidBatt - ok
22:00:41.0243 1856  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:00:41.0285 1856  HidBth - ok
22:00:41.0299 1856  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:00:41.0329 1856  HidIr - ok
22:00:41.0348 1856  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
22:00:41.0349 1856  hidserv - ok
22:00:41.0378 1856  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:00:41.0379 1856  HidUsb - ok
22:00:41.0421 1856  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:00:41.0424 1856  hkmsvc - ok
22:00:41.0456 1856  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:00:41.0462 1856  HomeGroupListener - ok
22:00:41.0484 1856  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:00:41.0491 1856  HomeGroupProvider - ok
22:00:41.0501 1856  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:00:41.0503 1856  HpSAMD - ok
22:00:41.0570 1856  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:00:41.0581 1856  HTTP - ok
22:00:41.0621 1856  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:00:41.0622 1856  hwpolicy - ok
22:00:41.0637 1856  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:00:41.0639 1856  i8042prt - ok
22:00:41.0682 1856  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:00:41.0689 1856  iaStorV - ok
22:00:41.0758 1856  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:00:41.0759 1856  IDriverT - ok
22:00:41.0797 1856  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:00:41.0809 1856  idsvc - ok
22:00:41.0840 1856  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:00:41.0842 1856  iirsp - ok
22:00:41.0872 1856  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:00:41.0887 1856  IKEEXT - ok
22:00:41.0982 1856  [ 718A4008EE5DA174400396B27509EF82 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:00:41.0998 1856  IntcAzAudAddService - ok
22:00:42.0011 1856  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:00:42.0012 1856  intelide - ok
22:00:42.0037 1856  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:00:42.0070 1856  intelppm - ok
22:00:42.0105 1856  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:00:42.0107 1856  IPBusEnum - ok
22:00:42.0132 1856  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:00:42.0134 1856  IpFilterDriver - ok
22:00:42.0185 1856  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:00:42.0195 1856  iphlpsvc - ok
22:00:42.0221 1856  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:00:42.0226 1856  IPMIDRV - ok
22:00:42.0249 1856  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:00:42.0283 1856  IPNAT - ok
22:00:42.0297 1856  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:00:42.0298 1856  IRENUM - ok
22:00:42.0314 1856  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:00:42.0315 1856  isapnp - ok
22:00:42.0343 1856  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:00:42.0348 1856  iScsiPrt - ok
22:00:42.0443 1856  [ 0D2DA1C6D8ED85F51E3758EAE22455F2 ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
22:00:42.0447 1856  JMB36X - ok
22:00:42.0478 1856  [ C0D9BA660A41EE8A269EF804E6CD0D7B ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
22:00:42.0481 1856  JRAID - ok
22:00:42.0501 1856  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:00:42.0503 1856  kbdclass - ok
22:00:42.0529 1856  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:00:42.0530 1856  kbdhid - ok
22:00:42.0548 1856  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:00:42.0551 1856  KeyIso - ok
22:00:42.0586 1856  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:00:42.0588 1856  KSecDD - ok
22:00:42.0603 1856  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:00:42.0605 1856  KSecPkg - ok
22:00:42.0624 1856  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:00:42.0625 1856  ksthunk - ok
22:00:42.0653 1856  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:00:42.0661 1856  KtmRm - ok
22:00:42.0714 1856  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:00:42.0721 1856  LanmanServer - ok
22:00:42.0758 1856  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:00:42.0765 1856  LanmanWorkstation - ok
22:00:42.0848 1856  [ 4B142775DAD98274C58F3B5893376C20 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:00:42.0848 1856  LightScribeService - ok
22:00:42.0882 1856  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
22:00:42.0926 1856  lirsgt - ok
22:00:42.0950 1856  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:00:42.0967 1856  lltdio - ok
22:00:42.0991 1856  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:00:42.0993 1856  lltdsvc - ok
22:00:43.0008 1856  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:00:43.0010 1856  lmhosts - ok
22:00:43.0017 1856  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:00:43.0033 1856  LSI_FC - ok
22:00:43.0038 1856  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:00:43.0054 1856  LSI_SAS - ok
22:00:43.0058 1856  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:00:43.0058 1856  LSI_SAS2 - ok
22:00:43.0074 1856  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:00:43.0074 1856  LSI_SCSI - ok
22:00:43.0093 1856  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:00:43.0093 1856  luafv - ok
22:00:43.0133 1856  [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
22:00:43.0138 1856  MarvinBus - ok
22:00:43.0189 1856  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:00:43.0193 1856  Mcx2Svc - ok
22:00:43.0202 1856  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:00:43.0252 1856  megasas - ok
22:00:43.0260 1856  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:00:43.0262 1856  MegaSR - ok
22:00:43.0386 1856  [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2012_64 D:\Programy\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
22:00:43.0388 1856  mi-raysat_3dsmax2012_64 - ok
22:00:43.0398 1856  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:00:43.0402 1856  MMCSS - ok
22:00:43.0422 1856  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:00:43.0424 1856  Modem - ok
22:00:43.0451 1856  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:00:43.0452 1856  monitor - ok
22:00:43.0489 1856  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:00:43.0491 1856  mouclass - ok
22:00:43.0503 1856  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:00:43.0506 1856  mouhid - ok
22:00:43.0546 1856  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:00:43.0574 1856  mountmgr - ok
22:00:43.0614 1856  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:00:43.0615 1856  MozillaMaintenance - ok
22:00:43.0653 1856  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:00:43.0656 1856  mpio - ok
22:00:43.0666 1856  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:00:43.0694 1856  mpsdrv - ok
22:00:43.0738 1856  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:00:43.0744 1856  MpsSvc - ok
22:00:43.0765 1856  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:00:43.0766 1856  MRxDAV - ok
22:00:43.0790 1856  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:00:43.0791 1856  mrxsmb - ok
22:00:43.0823 1856  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:00:43.0828 1856  mrxsmb10 - ok
22:00:43.0840 1856  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:00:43.0843 1856  mrxsmb20 - ok
22:00:43.0852 1856  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:00:43.0854 1856  msahci - ok
22:00:43.0867 1856  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:00:43.0868 1856  msdsm - ok
22:00:43.0880 1856  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:00:43.0882 1856  MSDTC - ok
22:00:43.0890 1856  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:00:43.0891 1856  Msfs - ok
22:00:43.0905 1856  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:00:43.0906 1856  mshidkmdf - ok
22:00:43.0918 1856  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:00:43.0919 1856  msisadrv - ok
22:00:43.0947 1856  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:00:43.0949 1856  MSiSCSI - ok
22:00:43.0952 1856  msiserver - ok
22:00:43.0975 1856  MSI_MSIBIOS_010507 - ok
22:00:43.0996 1856  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:00:43.0998 1856  MSKSSRV - ok
22:00:44.0006 1856  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:00:44.0007 1856  MSPCLOCK - ok
22:00:44.0018 1856  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:00:44.0018 1856  MSPQM - ok
22:00:44.0041 1856  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:00:44.0044 1856  MsRPC - ok
22:00:44.0050 1856  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:00:44.0051 1856  mssmbios - ok
22:00:44.0117 1856  MSSQL$SQLEXPRESS - ok
22:00:44.0181 1856  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
22:00:44.0185 1856  MSSQLServerADHelper100 - ok
22:00:44.0202 1856  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:00:44.0204 1856  MSTEE - ok
22:00:44.0355 1856  [ 0F4DD44765A7D23E0CD9965EE900558F ] msvsmon90       C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
22:00:44.0393 1856  msvsmon90 - ok
22:00:44.0405 1856  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:00:44.0406 1856  MTConfig - ok
22:00:44.0409 1856  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:00:44.0409 1856  Mup - ok
22:00:44.0440 1856  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:00:44.0444 1856  napagent - ok
22:00:44.0476 1856  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:00:44.0478 1856  NativeWifiP - ok
22:00:44.0511 1856  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:00:44.0525 1856  NDIS - ok
22:00:44.0541 1856  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:00:44.0542 1856  NdisCap - ok
22:00:44.0556 1856  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:00:44.0556 1856  NdisTapi - ok
22:00:44.0582 1856  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:00:44.0584 1856  Ndisuio - ok
22:00:44.0614 1856  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:00:44.0616 1856  NdisWan - ok
22:00:44.0638 1856  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:00:44.0691 1856  NDProxy - ok
22:00:44.0704 1856  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:00:44.0721 1856  NetBIOS - ok
22:00:44.0753 1856  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:00:44.0770 1856  NetBT - ok
22:00:44.0779 1856  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:00:44.0780 1856  Netlogon - ok
22:00:44.0830 1856  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:00:44.0839 1856  Netman - ok
22:00:44.0906 1856  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:44.0909 1856  NetMsmqActivator - ok
22:00:44.0939 1856  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:44.0942 1856  NetPipeActivator - ok
22:00:44.0960 1856  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:00:44.0971 1856  netprofm - ok
22:00:44.0978 1856  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:44.0979 1856  NetTcpActivator - ok
22:00:44.0983 1856  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:00:44.0984 1856  NetTcpPortSharing - ok
22:00:44.0998 1856  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:00:44.0998 1856  nfrd960 - ok
22:00:45.0047 1856  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:00:45.0054 1856  NlaSvc - ok
22:00:45.0063 1856  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:00:45.0065 1856  Npfs - ok
22:00:45.0082 1856  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:00:45.0086 1856  nsi - ok
22:00:45.0094 1856  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:00:45.0110 1856  nsiproxy - ok
22:00:45.0189 1856  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:00:45.0213 1856  Ntfs - ok
22:00:45.0225 1856  NTIOLib_1_0_4 - ok
22:00:45.0245 1856  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:00:45.0245 1856  Null - ok
22:00:45.0278 1856  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:00:45.0280 1856  nusb3hub - ok
22:00:45.0313 1856  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:00:45.0317 1856  nusb3xhc - ok
22:00:45.0363 1856  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:00:45.0399 1856  nvraid - ok
22:00:45.0416 1856  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:00:45.0418 1856  nvstor - ok
22:00:45.0439 1856  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:00:45.0440 1856  nv_agp - ok
22:00:45.0543 1856  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:00:45.0549 1856  odserv - ok
22:00:45.0579 1856  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:00:45.0580 1856  ohci1394 - ok
22:00:45.0612 1856  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:00:45.0615 1856  ose - ok
22:00:45.0662 1856  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:00:45.0667 1856  p2pimsvc - ok
22:00:45.0703 1856  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:00:45.0713 1856  p2psvc - ok
22:00:45.0740 1856  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:00:45.0756 1856  Parport - ok
22:00:45.0791 1856  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:00:45.0793 1856  partmgr - ok
22:00:45.0805 1856  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:00:45.0811 1856  PcaSvc - ok
22:00:45.0829 1856  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:00:45.0832 1856  pci - ok
22:00:45.0841 1856  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:00:45.0878 1856  pciide - ok
22:00:45.0896 1856  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:00:45.0898 1856  pcmcia - ok
22:00:45.0902 1856  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:00:45.0903 1856  pcw - ok
22:00:45.0975 1856  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:00:45.0988 1856  PEAUTH - ok
22:00:46.0139 1856  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:00:46.0145 1856  PeerDistSvc - ok
22:00:46.0212 1856  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:00:46.0216 1856  PerfHost - ok
22:00:46.0291 1856  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:00:46.0303 1856  pla - ok
22:00:46.0351 1856  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:00:46.0355 1856  PlugPlay - ok
22:00:46.0378 1856  PnkBstrA - ok
22:00:46.0413 1856  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:00:46.0416 1856  PNRPAutoReg - ok
22:00:46.0534 1856  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:00:46.0536 1856  PNRPsvc - ok
22:00:46.0616 1856  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:00:46.0619 1856  PolicyAgent - ok
22:00:46.0643 1856  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:00:46.0645 1856  Power - ok
22:00:46.0672 1856  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:00:46.0702 1856  PptpMiniport - ok
22:00:46.0734 1856  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:00:46.0734 1856  Processor - ok
22:00:46.0868 1856  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:00:46.0870 1856  ProfSvc - ok
22:00:46.0902 1856  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:00:46.0903 1856  ProtectedStorage - ok
22:00:46.0998 1856  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:00:46.0999 1856  Psched - ok
22:00:47.0072 1856  [ DA3964D8FB8798DC741ABACA9ED1B99D ] pwdrvio         C:\Windows\system32\pwdrvio.sys
22:00:47.0084 1856  pwdrvio - ok
22:00:47.0181 1856  [ A55ED5A63D0178A41EA05AC50A60F89A ] pwdspio         C:\Windows\system32\pwdspio.sys
22:00:47.0183 1856  pwdspio - ok
22:00:47.0468 1856  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:00:47.0474 1856  ql2300 - ok
22:00:47.0523 1856  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:00:47.0523 1856  ql40xx - ok
22:00:47.0615 1856  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:00:47.0617 1856  QWAVE - ok
22:00:47.0624 1856  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:00:47.0625 1856  QWAVEdrv - ok
22:00:47.0647 1856  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:00:47.0657 1856  RasAcd - ok
22:00:48.0075 1856  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:00:48.0076 1856  RasAgileVpn - ok
22:00:48.0128 1856  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:00:48.0130 1856  RasAuto - ok
22:00:48.0152 1856  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:00:48.0173 1856  Rasl2tp - ok
22:00:48.0208 1856  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:00:48.0211 1856  RasMan - ok
22:00:48.0239 1856  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:00:48.0240 1856  RasPppoe - ok
22:00:48.0257 1856  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:00:48.0268 1856  RasSstp - ok
22:00:48.0309 1856  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:00:48.0310 1856  rdbss - ok
22:00:48.0319 1856  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:00:48.0320 1856  rdpbus - ok
22:00:48.0333 1856  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:00:48.0334 1856  RDPCDD - ok
22:00:48.0361 1856  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:00:48.0381 1856  RDPDR - ok
22:00:48.0385 1856  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:00:48.0386 1856  RDPENCDD - ok
22:00:48.0414 1856  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:00:48.0415 1856  RDPREFMP - ok
22:00:48.0435 1856  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:00:48.0436 1856  RDPWD - ok
22:00:48.0455 1856  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:00:48.0463 1856  rdyboost - ok
22:00:48.0504 1856  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:00:48.0505 1856  RemoteAccess - ok
22:00:48.0515 1856  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:00:48.0517 1856  RemoteRegistry - ok
22:00:48.0524 1856  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:00:48.0526 1856  RpcEptMapper - ok
22:00:48.0537 1856  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:00:48.0538 1856  RpcLocator - ok
22:00:48.0566 1856  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:00:48.0569 1856  RpcSs - ok
22:00:48.0612 1856  [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105        C:\Windows\system32\DRIVERS\RsFx0105.sys
22:00:48.0613 1856  RsFx0105 - ok
22:00:48.0618 1856  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:00:48.0628 1856  rspndr - ok
22:00:48.0660 1856  [ 116D03E901246AC7AF006121E1E22842 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
22:00:48.0661 1856  RTHDMIAzAudService - ok
22:00:48.0700 1856  [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:00:48.0703 1856  RTL8167 - ok
22:00:48.0738 1856  [ 2B38C905492F36FE42B59DA52D6B4EB7 ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
22:00:48.0738 1856  RtNdPt60 - ok
22:00:48.0749 1856  [ 8DF706A5A12A4832A3291A1FF26A7CC1 ] RTTEAMPT        C:\Windows\system32\DRIVERS\RtTeam60.sys
22:00:48.0762 1856  RTTEAMPT - ok
22:00:48.0775 1856  [ ED0624ED83121E1BC141F49B1316CAA0 ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan620.sys
22:00:48.0776 1856  RTVLANPT - ok
22:00:48.0792 1856  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:00:48.0792 1856  s3cap - ok
22:00:48.0808 1856  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:00:48.0809 1856  SamSs - ok
22:00:48.0835 1856  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:00:48.0835 1856  sbp2port - ok
22:00:48.0848 1856  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:00:48.0856 1856  SCardSvr - ok
22:00:48.0896 1856  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:00:48.0898 1856  scfilter - ok
22:00:48.0942 1856  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:00:48.0963 1856  Schedule - ok
22:00:48.0989 1856  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:00:48.0990 1856  SCPolicySvc - ok
22:00:49.0018 1856  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
22:00:49.0020 1856  ScreamBAudioSvc - ok
22:00:49.0061 1856  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:00:49.0068 1856  SDRSVC - ok
22:00:49.0097 1856  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:00:49.0097 1856  secdrv - ok
22:00:49.0136 1856  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:00:49.0140 1856  seclogon - ok
22:00:49.0149 1856  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
22:00:49.0154 1856  SENS - ok
22:00:49.0168 1856  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:00:49.0174 1856  SensrSvc - ok
22:00:49.0195 1856  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:00:49.0195 1856  Serenum - ok
22:00:49.0200 1856  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:00:49.0201 1856  Serial - ok
22:00:49.0216 1856  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:00:49.0217 1856  sermouse - ok
22:00:49.0248 1856  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:00:49.0251 1856  SessionEnv - ok
22:00:49.0263 1856  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:00:49.0264 1856  sffdisk - ok
22:00:49.0273 1856  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:00:49.0288 1856  sffp_mmc - ok
22:00:49.0308 1856  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:00:49.0309 1856  sffp_sd - ok
22:00:49.0330 1856  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:00:49.0331 1856  sfloppy - ok
22:00:49.0365 1856  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:00:49.0373 1856  SharedAccess - ok
22:00:49.0416 1856  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:00:49.0426 1856  ShellHWDetection - ok
22:00:49.0439 1856  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:00:49.0441 1856  SiSRaid2 - ok
22:00:49.0450 1856  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:00:49.0452 1856  SiSRaid4 - ok
22:00:49.0556 1856  SkypeUpdate - ok
22:00:49.0577 1856  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:00:49.0582 1856  Smb - ok
22:00:49.0600 1856  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:00:49.0604 1856  SNMPTRAP - ok
22:00:49.0663 1856  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
22:00:49.0666 1856  Sony PC Companion - ok
22:00:49.0703 1856  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
22:00:49.0706 1856  speedfan - ok
22:00:49.0731 1856  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:00:49.0732 1856  spldr - ok
22:00:49.0790 1856  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:00:49.0801 1856  Spooler - ok
22:00:49.0902 1856  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:00:49.0924 1856  sppsvc - ok
22:00:49.0954 1856  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:00:49.0959 1856  sppuinotify - ok
22:00:50.0097 1856  [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
22:00:50.0103 1856  SQLAgent$SQLEXPRESS - ok
22:00:50.0159 1856  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:00:50.0164 1856  SQLBrowser - ok
22:00:50.0203 1856  [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:00:50.0206 1856  SQLWriter - ok
22:00:50.0250 1856  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:00:50.0258 1856  srv - ok
22:00:50.0317 1856  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:00:50.0352 1856  srv2 - ok
22:00:50.0388 1856  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:00:50.0389 1856  srvnet - ok
22:00:50.0415 1856  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
22:00:50.0417 1856  sscdbus - ok
22:00:50.0439 1856  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:00:50.0439 1856  sscdmdfl - ok
22:00:50.0491 1856  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
22:00:50.0492 1856  sscdmdm - ok
22:00:50.0527 1856  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:00:50.0534 1856  SSDPSRV - ok
22:00:50.0544 1856  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:00:50.0550 1856  SstpSvc - ok
22:00:50.0565 1856  StarOpen - ok
22:00:50.0584 1856  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:00:50.0584 1856  stexstor - ok
22:00:50.0636 1856  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:00:50.0648 1856  stisvc - ok
22:00:50.0701 1856  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:00:50.0703 1856  storflt - ok
22:00:50.0743 1856  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
22:00:50.0747 1856  StorSvc - ok
22:00:50.0756 1856  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:00:50.0757 1856  storvsc - ok
22:00:50.0766 1856  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:00:50.0767 1856  swenum - ok
22:00:50.0885 1856  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:00:50.0893 1856  SwitchBoard - ok
22:00:50.0933 1856  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:00:50.0946 1856  swprv - ok
22:00:51.0006 1856  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:00:51.0017 1856  SysMain - ok
22:00:51.0047 1856  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:00:51.0049 1856  TabletInputService - ok
22:00:51.0077 1856  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
22:00:51.0078 1856  tap0901t - ok
22:00:51.0128 1856  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:00:51.0136 1856  TapiSrv - ok
22:00:51.0146 1856  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:00:51.0153 1856  TBS - ok
22:00:51.0221 1856  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:00:51.0232 1856  Tcpip - ok
22:00:51.0278 1856  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:00:51.0286 1856  TCPIP6 - ok
22:00:51.0304 1856  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:00:51.0304 1856  tcpipreg - ok
22:00:51.0332 1856  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:00:51.0332 1856  TDPIPE - ok
22:00:51.0361 1856  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:00:51.0362 1856  TDTCP - ok
22:00:51.0392 1856  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:00:51.0395 1856  tdx - ok
22:00:51.0421 1856  [ 8DF706A5A12A4832A3291A1FF26A7CC1 ] TEAM            C:\Windows\system32\DRIVERS\RtTeam60.sys
22:00:51.0422 1856  TEAM - ok
22:00:51.0552 1856  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:00:51.0573 1856  TeamViewer8 - ok
22:00:51.0605 1856  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:00:51.0607 1856  TermDD - ok
22:00:51.0640 1856  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:00:51.0653 1856  TermService - ok
22:00:51.0710 1856  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
22:00:51.0711 1856  TFsExDisk - ok
22:00:51.0757 1856  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:00:51.0763 1856  Themes - ok
22:00:51.0806 1856  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:00:51.0810 1856  THREADORDER - ok
22:00:51.0823 1856  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:00:51.0829 1856  TrkWks - ok
22:00:51.0914 1856  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:00:51.0918 1856  TrustedInstaller - ok
22:00:51.0952 1856  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:00:51.0953 1856  tssecsrv - ok
22:00:51.0970 1856  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:00:52.0015 1856  TsUsbFlt - ok
22:00:52.0018 1856  TuneUpUtilitiesDrv - ok
22:00:52.0062 1856  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:00:52.0078 1856  tunnel - ok
22:00:52.0236 1856  [ 0D8E46C7CBB2728ACCC54619A68FBB7B ] TunngleService  D:\Programy\Tunngle\TnglCtrl.exe
22:00:52.0239 1856  TunngleService - ok
22:00:52.0275 1856  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:00:52.0286 1856  uagp35 - ok
22:00:52.0328 1856  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:00:52.0330 1856  udfs - ok
22:00:52.0370 1856  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:00:52.0371 1856  UI0Detect - ok
22:00:52.0428 1856  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:00:52.0428 1856  uliagpkx - ok
22:00:52.0607 1856  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:00:52.0607 1856  umbus - ok
22:00:52.0640 1856  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:00:52.0640 1856  UmPass - ok
22:00:52.0670 1856  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
22:00:52.0672 1856  UmRdpService - ok
22:00:52.0702 1856  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:00:52.0705 1856  upnphost - ok
22:00:52.0851 1856  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:00:52.0852 1856  usbaudio - ok
22:00:52.0898 1856  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:00:52.0899 1856  usbccgp - ok
22:00:52.0946 1856  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:00:52.0949 1856  usbcir - ok
22:00:52.0990 1856  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:00:52.0992 1856  usbehci - ok
22:00:53.0058 1856  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
22:00:53.0060 1856  usbfilter - ok
22:00:53.0160 1856  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:00:53.0162 1856  usbhub - ok
22:00:53.0188 1856  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
22:00:53.0188 1856  usbohci - ok
22:00:53.0237 1856  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:00:53.0237 1856  usbprint - ok
22:00:53.0251 1856  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:00:53.0252 1856  USBSTOR - ok
22:00:53.0280 1856  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:00:53.0281 1856  usbuhci - ok
22:00:53.0347 1856  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:00:53.0348 1856  usbvideo - ok
22:00:53.0383 1856  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:00:53.0386 1856  UxSms - ok
22:00:53.0404 1856  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:00:53.0405 1856  VaultSvc - ok
22:00:53.0474 1856  [ 72EC34F9999A5A48CFD43F5E6BD779E4 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
22:00:53.0476 1856  VBoxDrv - ok
22:00:53.0580 1856  [ A2FE818D7F930C51ADA37C04DBCB015D ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:00:53.0581 1856  VBoxNetAdp - ok
22:00:53.0644 1856  [ CD37A9264C404E48BCE162D37B117B45 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
22:00:53.0647 1856  VBoxNetFlt - ok
22:00:54.0441 1856  [ F649B3D30C6F40B04BDCCD0D11A43481 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
22:00:54.0441 1856  VBoxUSBMon - ok
22:00:54.0554 1856  [ 3A4B01C2BDB07DFEF29B0B369487503A ] VCSVADHWSer     C:\Windows\system32\DRIVERS\vcsvad.sys
22:00:54.0555 1856  VCSVADHWSer - ok
22:00:54.0594 1856  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:00:54.0595 1856  vdrvroot - ok
22:00:54.0663 1856  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:00:54.0675 1856  vds - ok
22:00:54.0708 1856  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:00:54.0710 1856  vga - ok
22:00:54.0729 1856  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:00:54.0761 1856  VgaSave - ok
22:00:54.0797 1856  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:00:54.0799 1856  vhdmp - ok
22:00:54.0816 1856  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:00:54.0816 1856  viaide - ok
22:00:54.0857 1856  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:00:54.0858 1856  vmbus - ok
22:00:54.0878 1856  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:00:54.0878 1856  VMBusHID - ok
22:00:54.0900 1856  VMnetAdapter - ok
22:00:54.0917 1856  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:00:54.0918 1856  volmgr - ok
22:00:54.0965 1856  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:00:54.0967 1856  volmgrx - ok
22:00:55.0004 1856  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:00:55.0005 1856  volsnap - ok
22:00:55.0033 1856  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:00:55.0044 1856  vsmraid - ok
22:00:55.0100 1856  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:00:55.0108 1856  VSS - ok
22:00:55.0112 1856  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:00:55.0112 1856  vwifibus - ok
22:00:55.0153 1856  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:00:55.0163 1856  W32Time - ok
22:00:55.0196 1856  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:00:55.0196 1856  WacomPen - ok
22:00:55.0207 1856  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:00:55.0208 1856  WANARP - ok
22:00:55.0212 1856  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:00:55.0213 1856  Wanarpv6 - ok
22:00:55.0315 1856  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:00:55.0323 1856  WatAdminSvc - ok
22:00:55.0386 1856  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:00:55.0396 1856  wbengine - ok
22:00:55.0431 1856  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:00:55.0433 1856  WbioSrvc - ok
22:00:55.0499 1856  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:00:55.0509 1856  wcncsvc - ok
22:00:55.0524 1856  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:00:55.0531 1856  WcsPlugInService - ok
22:00:55.0537 1856  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:00:55.0538 1856  Wd - ok
22:00:55.0605 1856  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:00:55.0617 1856  Wdf01000 - ok
22:00:55.0627 1856  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:00:55.0630 1856  WdiServiceHost - ok
22:00:55.0634 1856  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:00:55.0636 1856  WdiSystemHost - ok
22:00:55.0655 1856  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:00:55.0658 1856  WebClient - ok
22:00:55.0685 1856  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:00:55.0687 1856  Wecsvc - ok
22:00:55.0709 1856  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:00:55.0710 1856  wercplsupport - ok
22:00:55.0715 1856  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:00:55.0716 1856  WerSvc - ok
22:00:55.0729 1856  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:00:55.0739 1856  WfpLwf - ok
22:00:55.0751 1856  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:00:55.0751 1856  WIMMount - ok
22:00:55.0807 1856  WinDefend - ok
22:00:55.0811 1856  WinHttpAutoProxySvc - ok
22:00:55.0943 1856  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:00:55.0944 1856  Winmgmt - ok
22:00:56.0104 1856  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:00:56.0118 1856  WinRM - ok
22:00:56.0176 1856  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:00:56.0187 1856  WinUsb - ok
22:00:56.0246 1856  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:00:56.0252 1856  Wlansvc - ok
22:00:56.0422 1856  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:00:56.0442 1856  wlidsvc - ok
22:00:56.0611 1856  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:00:56.0611 1856  WmiAcpi - ok
22:00:56.0644 1856  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:00:56.0645 1856  wmiApSrv - ok
22:00:56.0691 1856  WMPNetworkSvc - ok
22:00:56.0718 1856  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:00:56.0724 1856  WPCSvc - ok
22:00:56.0769 1856  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:00:56.0776 1856  WPDBusEnum - ok
22:00:56.0803 1856  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:00:56.0804 1856  ws2ifsl - ok
22:00:56.0851 1856  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
22:00:56.0854 1856  wscsvc - ok
22:00:56.0857 1856  WSearch - ok
22:00:57.0042 1856  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:00:57.0071 1856  wuauserv - ok
22:00:57.0134 1856  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:00:57.0134 1856  WudfPf - ok
22:00:57.0226 1856  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:00:57.0228 1856  WUDFRd - ok
22:00:57.0271 1856  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:00:57.0274 1856  wudfsvc - ok
22:00:57.0330 1856  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:00:57.0339 1856  WwanSvc - ok
22:00:57.0379 1856  ================ Scan global ===============================
22:00:57.0432 1856  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:00:57.0521 1856  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
22:00:57.0546 1856  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
22:00:57.0593 1856  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:00:57.0637 1856  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:00:57.0645 1856  [Global] - ok
22:00:57.0646 1856  ================ Scan MBR ==================================
22:00:57.0654 1856  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:00:58.0734 1856  \Device\Harddisk0\DR0 - ok
22:00:58.0734 1856  ================ Scan VBR ==================================
22:00:58.0751 1856  [ A011E405CA7F215435F18711662D6E99 ] \Device\Harddisk0\DR0\Partition1
22:00:58.0772 1856  \Device\Harddisk0\DR0\Partition1 - ok
22:00:58.0796 1856  [ D709AA9E2FFAFE7C8BD1B42F35F2BE2C ] \Device\Harddisk0\DR0\Partition2
22:00:58.0815 1856  \Device\Harddisk0\DR0\Partition2 - ok
22:00:58.0834 1856  [ A326D49B2A8936820FCF5D0085448ACE ] \Device\Harddisk0\DR0\Partition3
22:00:58.0846 1856  \Device\Harddisk0\DR0\Partition3 - ok
22:00:58.0847 1856  ============================================================
22:00:58.0847 1856  Scan finished
22:00:58.0847 1856  ============================================================
22:00:58.0853 2932  Detected object count: 0
22:00:58.0853 2932  Actual detected object count: 0

pingy od 11ms-20ms , občas výpadek....

siricz · #5 Příspěvek od **siricz** » 27 pro 2012 22:20

vypadek jen ojediněle cca 1x za 15-20 pingnutí... chvíli bez výpadku a pak o5

VIRY.CZ

Kontrola logu z Combofixu + případná pomoc

Kontrola logu z Combofixu + případná pomoc

Re: Kontrola logu z Combofixu + případná pomoc

Re: Kontrola logu z Combofixu + případná pomoc

Re: Kontrola logu z Combofixu + případná pomoc

Re: Kontrola logu z Combofixu + případná pomoc