Rootkit

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Rootkit

#1 Post by BattleMaster33 »

Hello,
I suspect (in fact I am almost certain) that I have a rootkit on my computer. Unfortunately, I don't know how to fight it. I use F-Secure antivirus, which does not detect it during a regular scan. However, when the computer starts up, a message sometimes pops up saying that dangerous code was found in the main boot device (MBRx80, I think) and that the source is Rootkit.MBR.Mebroot.B. So far I have tried one anti-rootkit, but it did not help. Could you please advise me on the best way to proceed so that I can get rid of the bast**d? I was advised that I could boot the system from a CD with a Linux distribution and Kaspersky A-V, which should be able to deal with it. Thanks for any advice! :)

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#2 Post by BattleMaster33 »

I think it was Malwarebytes; I did not save the log output.

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#3 Post by BattleMaster33 »

I left Chrome running during the scan and the computer froze completely... I'm going to try it again. Oh, and I have one more problem... when I start Chrome, the antivirus reports that a virus was found and is being removed, then it reports that the virus was removed but that the computer needs to be restarted to finish the cleaning --> I restart, start Chrome and the same thing happens... do you know what to do about it?

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#4 Post by BattleMaster33 »

Yeah, I know that it runs on top of the OS and that is why it is not up to the job. I tried clicking "report" again and the computer froze again. Should I keep trying, or should I do something differently?

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#5 Post by BattleMaster33 »

It worked:

RogueKiller V8.4.3 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Vláďa [Práva správce]
Mód : Kontrola -- Datum : 02/01/2013 16:04:45
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[47] : unknown @ 0x805C75F6 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4148CD6)
SSDT[48] : unknown @ 0x805C7540 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4148CF0)
SSDT[53] : NtCreateThread @ 0x805C73DE -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147E8C)
SSDT[97] : NtLoadDriver @ 0x80579714 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB41481BC)
SSDT[108] : NtMapViewOfSection @ 0x805A762E -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147BCC)
SSDT[125] : NtOpenSection @ 0x8059F8B6 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB41485EE)
SSDT[192] : NtRenameKey @ 0x8061A7A8 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB414988C)
SSDT[240] : NtSetSystemInformation @ 0x8060697A -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB414843E)
SSDT[253] : NtSuspendProcess @ 0x805CAF28 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147A4C)
SSDT[254] : NtSuspendThread @ 0x805CAD9A -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147EC0)
SSDT[255] : NtSystemDebugControl @ 0x8060ECD0 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4148042)
SSDT[257] : NtTerminateProcess @ 0x805C86EA -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB41479A6)
SSDT[258] : NtTerminateThread @ 0x805C88E4 -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147B06)
SSDT[277] : NtWriteVirtualMemory @ 0x805A99CE -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB4147F86)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (\??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys @ 0xB414A646)

¤¤¤ Nákaza : Root.MBR ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3320620AS +++++
--- User ---
[MBR] ad195511f23cc4f8590b39c039ac1e6c
[BSP] c362fe2232ac389af5f3681b69939f01 : Whistler/Sinowal MBR Code!
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_02012013_02d1604.txt >>
RKreport[1]_S_02012013_02d1604.txt

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#6 Post by BattleMaster33 »

So here it is: (sorry for writing only today, I was no longer at the PC yesterday)

12:32:12.0781 5472 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:32:13.0484 5472 ============================================================
12:32:13.0484 5472 Current date / time: 2013/02/02 12:32:13.0484
12:32:13.0484 5472 SystemInfo:
12:32:13.0484 5472
12:32:13.0484 5472 OS Version: 5.1.2600 ServicePack: 3.0
12:32:13.0484 5472 Product type: Workstation
12:32:13.0484 5472 ComputerName: KOCIANOVI
12:32:13.0484 5472 UserName: Vláďa
12:32:13.0484 5472 Windows directory: C:\WINDOWS
12:32:13.0484 5472 System windows directory: C:\WINDOWS
12:32:13.0484 5472 Processor architecture: Intel x86
12:32:13.0484 5472 Number of processors: 1
12:32:13.0484 5472 Page size: 0x1000
12:32:13.0484 5472 Boot type: Normal boot
12:32:13.0484 5472 ============================================================
12:32:13.0843 5472 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:32:13.0843 5472 ============================================================
12:32:13.0843 5472 \Device\Harddisk0\DR0:
12:32:13.0859 5472 MBR partitions:
12:32:13.0859 5472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
12:32:13.0859 5472 ============================================================
12:32:13.0875 5472 C: <-> \Device\Harddisk0\DR0\Partition1
12:32:13.0875 5472 ============================================================
12:32:13.0875 5472 Initialize success
12:32:13.0875 5472 ============================================================
12:32:50.0968 0800 ============================================================
12:32:50.0968 0800 Scan started
12:32:50.0968 0800 Mode: Manual; SigCheck; TDLFS;
12:32:50.0968 0800 ============================================================
12:32:51.0078 0800 ================ Scan system memory ========================
12:32:53.0000 0800 System memory - ok
12:33:23.0968 0800 PDRFRAME - ok
12:33:23.0984 0800 perc2 - ok
12:33:23.0984 0800 perc2hib - ok
12:33:24.0031 0800 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
12:33:24.0078 0800 PlugPlay - ok
12:33:24.0093 0800 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:33:24.0218 0800 PolicyAgent - ok
12:33:24.0250 0800 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:33:24.0390 0800 PptpMiniport - ok
12:33:24.0421 0800 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
12:33:24.0578 0800 Processor - ok
12:33:24.0593 0800 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
12:33:24.0671 0800 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
12:33:24.0671 0800 prodrv06 - detected UnsignedFile.Multi.Generic (1)
12:33:24.0703 0800 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
12:33:24.0812 0800 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
12:33:24.0812 0800 prohlp02 - detected UnsignedFile.Multi.Generic (1)
12:33:24.0828 0800 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
12:33:24.0921 0800 prosync1 ( UnsignedFile.Multi.Generic ) - warning
12:33:24.0921 0800 prosync1 - detected UnsignedFile.Multi.Generic (1)
12:33:24.0953 0800 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:33:25.0156 0800 ProtectedStorage - ok
12:33:25.0187 0800 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:33:25.0359 0800 PSched - ok
12:33:25.0375 0800 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:33:25.0703 0800 Ptilink - ok
12:33:25.0703 0800 ql1080 - ok
12:33:25.0703 0800 Ql10wnt - ok
12:33:25.0718 0800 ql12160 - ok
12:33:25.0718 0800 ql1240 - ok
12:33:25.0750 0800 ql1280 - ok
12:33:25.0781 0800 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:33:26.0000 0800 RasAcd - ok
12:33:26.0031 0800 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:33:26.0171 0800 RasAuto - ok
12:33:26.0203 0800 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:33:26.0281 0800 Rasirda - ok
12:33:26.0281 0800 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:33:26.0421 0800 Rasl2tp - ok
12:33:26.0468 0800 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:33:26.0625 0800 RasMan - ok
12:33:26.0640 0800 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:33:26.0781 0800 RasPppoe - ok
12:33:26.0796 0800 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:33:26.0984 0800 Raspti - ok
12:33:27.0015 0800 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:33:27.0187 0800 Rdbss - ok
12:33:27.0234 0800 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:33:27.0390 0800 RDPCDD - ok
12:33:27.0437 0800 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:33:27.0531 0800 RDPWD - ok
12:33:27.0562 0800 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:33:27.0828 0800 RDSessMgr - ok
12:33:27.0875 0800 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:33:28.0000 0800 redbook - ok
12:33:28.0031 0800 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:33:28.0156 0800 RemoteAccess - ok
12:33:28.0187 0800 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
12:33:28.0343 0800 ROOTMODEM - ok
12:33:28.0375 0800 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:33:28.0531 0800 RpcLocator - ok
12:33:28.0578 0800 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:33:28.0656 0800 RpcSs - ok
12:33:28.0671 0800 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:33:28.0968 0800 RSVP - ok
12:33:29.0000 0800 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:33:29.0109 0800 rtl8139 - ok
12:33:29.0125 0800 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
12:33:29.0250 0800 SamSs - ok
12:33:29.0281 0800 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:33:29.0546 0800 SCardSvr - ok
12:33:29.0578 0800 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:33:29.0812 0800 Schedule - ok
12:33:29.0859 0800 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:33:30.0015 0800 Secdrv - ok
12:33:30.0031 0800 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:33:30.0156 0800 seclogon - ok
12:33:30.0187 0800 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
12:33:30.0328 0800 SENS - ok
12:33:30.0343 0800 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:33:30.0468 0800 serenum - ok
12:33:30.0500 0800 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:33:30.0625 0800 Serial - ok
12:33:30.0718 0800 [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:33:30.0921 0800 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:33:30.0921 0800 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:33:30.0968 0800 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
12:33:31.0031 0800 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
12:33:31.0031 0800 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
12:33:31.0046 0800 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
12:33:31.0062 0800 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
12:33:31.0062 0800 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
12:33:31.0078 0800 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
12:33:31.0093 0800 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
12:33:31.0093 0800 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
12:33:31.0125 0800 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:33:31.0250 0800 Sfloppy - ok
12:33:31.0265 0800 [ 6120E41228A3718D8376437FE135DD4D ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
12:33:31.0312 0800 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
12:33:31.0312 0800 sfsync02 - detected UnsignedFile.Multi.Generic (1)
12:33:31.0328 0800 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
12:33:31.0343 0800 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
12:33:31.0343 0800 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
12:33:31.0390 0800 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:33:31.0562 0800 SharedAccess - ok
12:33:31.0593 0800 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:33:31.0656 0800 ShellHWDetection - ok
12:33:31.0656 0800 Simbad - ok
12:33:31.0703 0800 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:33:31.0734 0800 SLIP - ok
12:33:31.0765 0800 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:33:31.0921 0800 SONYPVU1 - ok
12:33:31.0921 0800 Sparrow - ok
12:33:31.0953 0800 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:33:32.0109 0800 splitter - ok
12:33:32.0156 0800 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:33:32.0218 0800 Spooler - ok
12:33:32.0281 0800 [ 0C1DAD75274CB6E31F053CE3E08BF9C3 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
12:33:32.0281 0800 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0C1DAD75274CB6E31F053CE3E08BF9C3
12:33:32.0281 0800 sptd ( LockedFile.Multi.Generic ) - warning
12:33:32.0281 0800 sptd - detected LockedFile.Multi.Generic (1)
12:33:32.0296 0800 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:33:32.0437 0800 sr - ok
12:33:32.0468 0800 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
12:33:32.0656 0800 srservice - ok
12:33:32.0703 0800 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:33:32.0812 0800 Srv - ok
12:33:32.0843 0800 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:33:32.0984 0800 SSDPSRV - ok
12:33:32.0984 0800 StarWindServiceAE - ok
12:33:33.0015 0800 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:33:33.0250 0800 stisvc - ok
12:33:33.0296 0800 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:33:33.0359 0800 streamip - ok
12:33:33.0359 0800 stwlfbus - ok
12:33:33.0406 0800 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:33:33.0531 0800 swenum - ok
12:33:33.0546 0800 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:33:33.0687 0800 swmidi - ok
12:33:33.0687 0800 SwPrv - ok
12:33:33.0703 0800 symc810 - ok
12:33:33.0703 0800 symc8xx - ok
12:33:33.0718 0800 sym_hi - ok
12:33:33.0718 0800 sym_u3 - ok
12:33:33.0734 0800 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:33:33.0859 0800 sysaudio - ok
12:33:33.0906 0800 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:33:34.0109 0800 SysmonLog - ok
12:33:34.0140 0800 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:33:34.0421 0800 TapiSrv - ok
12:33:34.0468 0800 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:33:34.0703 0800 Tcpip - ok
12:33:34.0734 0800 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:33:34.0859 0800 TDPIPE - ok
12:33:34.0890 0800 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:33:35.0000 0800 TDTCP - ok
12:33:35.0031 0800 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:33:35.0171 0800 TermDD - ok
12:33:35.0218 0800 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
12:33:35.0437 0800 TermService - ok
12:33:35.0468 0800 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:33:35.0546 0800 Themes - ok
12:33:35.0562 0800 TosIde - ok
12:33:35.0578 0800 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:33:35.0703 0800 TrkWks - ok
12:33:35.0718 0800 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:33:35.0843 0800 Udfs - ok
12:33:35.0859 0800 ultra - ok
12:33:35.0906 0800 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:33:36.0140 0800 Update - ok
12:33:36.0156 0800 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
12:33:36.0328 0800 upnphost - ok
12:33:36.0343 0800 [ 587E643A4E2FFD9A00F114B057CEB773 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
12:33:36.0437 0800 upperdev - ok
12:33:36.0468 0800 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
12:33:36.0593 0800 UPS - ok
12:33:36.0625 0800 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:33:36.0750 0800 usbaudio - ok
12:33:36.0781 0800 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:33:36.0921 0800 usbccgp - ok
12:33:36.0953 0800 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:33:37.0062 0800 usbehci - ok
12:33:37.0093 0800 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:33:37.0234 0800 usbhub - ok
12:33:37.0250 0800 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:33:37.0359 0800 usbohci - ok
12:33:37.0390 0800 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
12:33:37.0531 0800 usbser - ok
12:33:37.0546 0800 [ FCA6A196D47CB972A0E4ADC0DB9CD17C ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
12:33:37.0625 0800 UsbserFilt - ok
12:33:37.0656 0800 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:33:37.0781 0800 USBSTOR - ok
12:33:37.0812 0800 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:33:37.0937 0800 usbvideo - ok
12:33:37.0953 0800 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12:33:38.0078 0800 usb_rndisx - ok
12:33:38.0078 0800 VClone - ok
12:33:38.0109 0800 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:33:38.0234 0800 VgaSave - ok
12:33:38.0234 0800 ViaIde - ok
12:33:38.0265 0800 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:33:38.0406 0800 VolSnap - ok
12:33:38.0453 0800 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
12:33:38.0765 0800 VSS - ok
12:33:38.0796 0800 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
12:33:38.0953 0800 W32Time - ok
12:33:38.0984 0800 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:33:39.0109 0800 Wanarp - ok
12:33:39.0156 0800 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
12:33:39.0312 0800 Wdf01000 - ok
12:33:39.0328 0800 WDICA - ok
12:33:39.0359 0800 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:33:39.0484 0800 wdmaud - ok
12:33:39.0531 0800 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:33:39.0687 0800 WebClient - ok
12:33:39.0765 0800 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:33:39.0937 0800 winmgmt - ok
12:33:39.0968 0800 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:33:40.0031 0800 WmdmPmSN - ok
12:33:40.0078 0800 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:33:40.0218 0800 WmiApSrv - ok
12:33:40.0312 0800 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:33:40.0437 0800 WMPNetworkSvc - ok
12:33:40.0453 0800 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:33:40.0500 0800 WpdUsb - ok
12:33:40.0609 0800 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:33:40.0796 0800 WPFFontCache_v0400 - ok
12:33:40.0843 0800 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:33:41.0000 0800 wscsvc - ok
12:33:41.0046 0800 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:33:41.0062 0800 WSTCODEC - ok
12:33:41.0078 0800 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:33:41.0203 0800 wuauserv - ok
12:33:41.0234 0800 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:33:41.0265 0800 WudfPf - ok
12:33:41.0296 0800 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:33:41.0359 0800 WudfRd - ok
12:33:41.0390 0800 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:33:41.0421 0800 WudfSvc - ok
12:33:41.0468 0800 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:33:41.0656 0800 WZCSVC - ok
12:33:41.0671 0800 xcpip - ok
12:33:41.0687 0800 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:33:41.0843 0800 xmlprov - ok
12:33:41.0843 0800 xpsec - ok
12:33:41.0875 0800 ================ Scan global ===============================
12:33:41.0921 0800 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
12:33:41.0968 0800 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
12:33:42.0000 0800 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
12:33:42.0015 0800 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
12:33:42.0015 0800 [Global] - ok
12:33:42.0015 0800 ================ Scan MBR ==================================
12:33:42.0046 0800 [ 2EE71BF0EED0EA80EA06D295A1A50104 ] \Device\Harddisk0\DR0
12:33:42.0046 0800 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
12:33:42.0046 0800 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
12:33:42.0109 0800 ================ Scan VBR ==================================
12:33:42.0109 0800 [ C4A233AA4DA20B2AB098DC15AD0C7379 ] \Device\Harddisk0\DR0\Partition1
12:33:42.0109 0800 \Device\Harddisk0\DR0\Partition1 - ok
12:33:42.0109 0800 ============================================================
12:33:42.0109 0800 Scan finished
12:33:42.0109 0800 ============================================================
12:33:42.0218 5400 Detected object count: 22
12:33:42.0218 5400 Actual detected object count: 22
12:34:40.0093 5400 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0093 5400 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0093 5400 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0093 5400 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0093 5400 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0093 5400 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0093 5400 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0093 5400 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0109 5400 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0109 5400 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:34:40.0125 5400 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:34:40.0125 5400 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - skipped by user
12:34:40.0125 5400 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Skip
12:34:53.0734 5856 Deinitialize success

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#7 Post by BattleMaster33 »

I ran the cure and restarted (the restart went normally), but when I logged in to my user account, I see nothing except a command prompt and a question asking whether I want to run an exe file named roughly DCAF3E09-EBBD-47AE-801F-809534040F7C.exe, which comes from C:\DOCUME~1\VLA~1\LOCALS~1\Temp
The publisher is listed as Kaspersky Lab.
Should I run this file?

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#8 Post by BattleMaster33 »

I cancelled it and the desktop came up normally. I'm now writing from the computer, in Chrome, and it started normally, without any reaction from the antivirus, so it looks promising :) I'm attaching the log from the cleaning and the log after the cleaning:

Cleaning log:
19:12:03.0859 5396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:12:05.0671 5396 ============================================================
19:12:05.0671 5396 Current date / time: 2013/02/02 19:12:05.0671
19:12:05.0671 5396 SystemInfo:
19:12:05.0671 5396
19:12:05.0671 5396 OS Version: 5.1.2600 ServicePack: 3.0
19:12:05.0671 5396 Product type: Workstation
19:12:05.0671 5396 ComputerName: KOCIANOVI
19:12:05.0671 5396 UserName: Vláďa
19:12:05.0671 5396 Windows directory: C:\WINDOWS
19:12:05.0671 5396 System windows directory: C:\WINDOWS
19:12:05.0671 5396 Processor architecture: Intel x86
19:12:05.0671 5396 Number of processors: 1
19:12:05.0671 5396 Page size: 0x1000
19:12:05.0671 5396 Boot type: Normal boot
19:12:05.0671 5396 ============================================================
19:13:22.0000 5396 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:13:22.0046 5396 ============================================================
19:13:22.0046 5396 \Device\Harddisk0\DR0:
19:13:22.0046 5396 MBR partitions:
19:13:22.0046 5396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
19:13:22.0046 5396 ============================================================
19:13:22.0109 5396 C: <-> \Device\Harddisk0\DR0\Partition1
19:13:22.0109 5396 ============================================================
19:13:22.0109 5396 Initialize success
19:13:22.0109 5396 ============================================================
19:13:31.0796 6000 ============================================================
19:13:31.0796 6000 Scan started
19:13:31.0796 6000 Mode: Manual; SigCheck; TDLFS;
19:13:31.0796 6000 ============================================================
19:13:31.0875 6000 ================ Scan system memory ========================
19:13:34.0437 6000 System memory - ok
19:13:34.0437 6000 ================ Scan services =============================
19:13:34.0546 6000 0zx_fqi6i.sys - ok
19:13:34.0546 6000 Abiosdsk - ok
19:13:34.0546 6000 abp480n5 - ok
19:13:34.0593 6000 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:13:35.0109 6000 ACPI - ok
19:13:35.0140 6000 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:13:35.0609 6000 ACPIEC - ok
19:13:35.0609 6000 adpu160m - ok
19:13:35.0671 6000 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:13:35.0890 6000 aec - ok
19:13:35.0937 6000 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:13:36.0187 6000 AFD - ok
19:13:36.0187 6000 Aha154x - ok
19:13:36.0203 6000 aic78u2 - ok
19:13:36.0203 6000 aic78xx - ok
19:13:36.0234 6000 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:13:36.0546 6000 Alerter - ok
19:13:36.0578 6000 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
19:13:36.0859 6000 ALG - ok
19:13:36.0859 6000 AliIde - ok
19:13:36.0890 6000 [ FCFFA85CFD4BF7A4711012847048DCA3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:13:37.0000 6000 AmdK8 - ok
19:13:37.0000 6000 amsint - ok
19:13:37.0015 6000 AppMgmt - ok
19:13:37.0031 6000 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:13:37.0187 6000 Arp1394 - ok
19:13:37.0218 6000 [ 23020385D34E35DFC2D6503FA67D3FFC ] AsAudioDevice_351 C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys
19:13:37.0328 6000 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - warning
19:13:37.0328 6000 AsAudioDevice_351 - detected UnsignedFile.Multi.Generic (1)
19:13:37.0343 6000 asc - ok
19:13:37.0343 6000 asc3350p - ok
19:13:37.0359 6000 asc3550 - ok
19:13:37.0468 6000 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:13:37.0625 6000 aspnet_state - ok
19:13:37.0656 6000 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:13:37.0937 6000 AsyncMac - ok
19:13:37.0984 6000 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:13:38.0328 6000 atapi - ok
19:13:38.0328 6000 Atdisk - ok
19:13:38.0375 6000 [ 3C4B9850A2631C2263507400D029057B ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
19:13:38.0593 6000 atksgt - ok
19:13:38.0625 6000 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:13:38.0796 6000 Atmarpc - ok
19:13:38.0843 6000 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:13:39.0031 6000 AudioSrv - ok
19:13:39.0062 6000 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:13:39.0234 6000 audstub - ok
19:13:39.0281 6000 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:13:39.0515 6000 Beep - ok
19:13:39.0562 6000 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
19:13:39.0750 6000 BITS - ok
19:13:39.0781 6000 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
19:13:39.0906 6000 Browser - ok
19:13:39.0937 6000 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:13:40.0093 6000 cbidf2k - ok
19:13:40.0125 6000 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:13:40.0187 6000 CCDECODE - ok
19:13:40.0203 6000 cd20xrnt - ok
19:13:40.0234 6000 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:13:40.0500 6000 Cdaudio - ok
19:13:40.0546 6000 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:13:40.0734 6000 Cdfs - ok
19:13:40.0750 6000 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:13:40.0953 6000 Cdrom - ok
19:13:40.0953 6000 Changer - ok
19:13:41.0000 6000 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:13:41.0140 6000 CiSvc - ok
19:13:41.0171 6000 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:13:41.0328 6000 ClipSrv - ok
19:13:41.0359 6000 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:13:41.0500 6000 clr_optimization_v2.0.50727_32 - ok
19:13:41.0546 6000 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:13:41.0593 6000 clr_optimization_v4.0.30319_32 - ok
19:13:41.0593 6000 CmdIde - ok
19:13:41.0609 6000 COMSysApp - ok
19:13:41.0625 6000 Cpqarray - ok
19:13:41.0656 6000 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:13:41.0812 6000 CryptSvc - ok
19:13:41.0828 6000 dac2w2k - ok
19:13:41.0828 6000 dac960nt - ok
19:13:41.0859 6000 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:13:42.0015 6000 DcomLaunch - ok
19:13:42.0046 6000 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:13:42.0203 6000 Dhcp - ok
19:13:42.0250 6000 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:13:42.0390 6000 Disk - ok
19:13:42.0390 6000 dmadmin - ok
19:13:42.0437 6000 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:13:42.0687 6000 dmboot - ok
19:13:42.0718 6000 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:13:42.0906 6000 dmio - ok
19:13:42.0937 6000 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:13:43.0125 6000 dmload - ok
19:13:43.0156 6000 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:13:43.0312 6000 dmserver - ok
19:13:43.0359 6000 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:13:43.0531 6000 DMusic - ok
19:13:43.0562 6000 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:13:43.0609 6000 Dnscache - ok
19:13:43.0656 6000 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:13:43.0859 6000 Dot3svc - ok
19:13:43.0859 6000 dpti2o - ok
19:13:43.0890 6000 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:13:44.0031 6000 drmkaud - ok
19:13:44.0046 6000 EagleNT - ok
19:13:44.0046 6000 EagleXNt - ok
19:13:44.0078 6000 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:13:44.0234 6000 EapHost - ok
19:13:44.0265 6000 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:13:44.0421 6000 ERSvc - ok
19:13:44.0468 6000 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
19:13:44.0546 6000 Eventlog - ok
19:13:44.0578 6000 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
19:13:44.0671 6000 EventSystem - ok
19:13:44.0859 6000 [ 7CE0422451C4B05A14B642680F525C69 ] F-Secure Gatekeeper C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys
19:13:44.0937 6000 F-Secure Gatekeeper - ok
19:13:44.0953 6000 [ A9BE66E05254B20DF82E0F7CDDECA7DD ] F-Secure Gatekeeper Handler Starter C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
19:13:45.0046 6000 F-Secure Gatekeeper Handler Starter - ok
19:13:45.0109 6000 [ F5ACA65237C7511D5803CDC5E7003D75 ] F-Secure HIPS C:\Program Files\F-Secure\HIPS\drivers\fshs.sys
19:13:45.0156 6000 F-Secure HIPS - ok
19:13:45.0203 6000 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:13:45.0375 6000 Fastfat - ok
19:13:45.0406 6000 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:13:45.0500 6000 FastUserSwitchingCompatibility - ok
19:13:45.0515 6000 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:13:45.0656 6000 Fdc - ok
19:13:45.0687 6000 [ B73EC688C29F81F9DA0FCF63682B3ECB ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
19:13:45.0765 6000 FilterService - ok
19:13:45.0781 6000 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:13:45.0921 6000 Fips - ok
19:13:45.0968 6000 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:13:46.0140 6000 Flpydisk - ok
19:13:46.0171 6000 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:13:46.0328 6000 FltMgr - ok
19:13:46.0406 6000 [ FACECF3F75BAF3775A879D1168402270 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:13:46.0453 6000 FontCache3.0.0.0 - ok
19:13:46.0468 6000 [ 18DA737DD5122A475DA4948ED4643675 ] fsbts C:\WINDOWS\system32\Drivers\fsbts.sys
19:13:46.0515 6000 fsbts - ok
19:13:46.0593 6000 [ 8E0BF7478CC3BAED48282ADBC97ADAFB ] FSDFWD C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
19:13:46.0734 6000 FSDFWD - ok
19:13:46.0750 6000 [ ACA3910A53A057B8C3A6EBF4EF788C7C ] FSFW C:\WINDOWS\system32\drivers\fsdfw.sys
19:13:46.0812 6000 FSFW - ok
19:13:46.0875 6000 [ 392E85687A902239C01BADDF212B1A36 ] FSMA C:\Program Files\F-Secure\Common\FSMA32.EXE
19:13:46.0968 6000 FSMA - ok
19:13:47.0031 6000 [ 42AEF6A385354ACA65FC210CE7CE4D7C ] FSORSPClient C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
19:13:47.0078 6000 FSORSPClient - ok
19:13:47.0109 6000 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:13:47.0296 6000 Fs_Rec - ok
19:13:47.0328 6000 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:13:47.0515 6000 Ftdisk - ok
19:13:47.0515 6000 GMSIPCI - ok
19:13:47.0546 6000 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:13:47.0703 6000 Gpc - ok
19:13:47.0796 6000 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:13:47.0937 6000 gupdate - ok
19:13:47.0953 6000 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:13:48.0046 6000 gupdatem - ok
19:13:48.0078 6000 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:13:48.0187 6000 gusvc - ok
19:13:48.0218 6000 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
19:13:48.0265 6000 hamachi - ok
19:13:48.0343 6000 [ 616399E27A55C97AE859230EB13984D8 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
19:13:48.0531 6000 Hamachi2Svc - ok
19:13:48.0562 6000 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:13:48.0750 6000 HDAudBus - ok
19:13:48.0812 6000 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:13:48.0921 6000 helpsvc - ok
19:13:48.0937 6000 HidServ - ok
19:13:48.0953 6000 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:13:49.0093 6000 HidUsb - ok
19:13:49.0125 6000 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:13:49.0281 6000 hkmsvc - ok
19:13:49.0281 6000 hpn - ok
19:13:49.0312 6000 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
19:13:49.0359 6000 HTCAND32 - ok
19:13:49.0390 6000 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
19:13:49.0562 6000 htcnprot - ok
19:13:49.0625 6000 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:13:49.0734 6000 HTTP - ok
19:13:49.0750 6000 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:13:49.0875 6000 HTTPFilter - ok
19:13:49.0875 6000 i2omgmt - ok
19:13:49.0890 6000 i2omp - ok
19:13:49.0921 6000 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:13:50.0062 6000 i8042prt - ok
19:13:50.0140 6000 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:13:50.0296 6000 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:13:50.0296 6000 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:13:50.0359 6000 [ EA7267505149B3A10DF32506A4E4E412 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:13:50.0500 6000 idsvc ( UnsignedFile.Multi.Generic ) - warning
19:13:50.0500 6000 idsvc - detected UnsignedFile.Multi.Generic (1)
19:13:50.0531 6000 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:13:50.0718 6000 Imapi - ok
19:13:50.0765 6000 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:13:51.0015 6000 ImapiService - ok
19:13:51.0046 6000 [ B87FC7C71632240DAC8F4D20E9CE8377 ] InCDfs C:\WINDOWS\system32\drivers\InCDfs.sys
19:13:51.0109 6000 InCDfs ( UnsignedFile.Multi.Generic ) - warning
19:13:51.0109 6000 InCDfs - detected UnsignedFile.Multi.Generic (1)
19:13:51.0140 6000 [ 2E878405128EC98886EB9C2216AC7BD6 ] InCDPass C:\WINDOWS\system32\DRIVERS\InCDPass.sys
19:13:51.0187 6000 InCDPass ( UnsignedFile.Multi.Generic ) - warning
19:13:51.0187 6000 InCDPass - detected UnsignedFile.Multi.Generic (1)
19:13:51.0218 6000 [ DDF078917A42F105385D7EB6DEBB3433 ] InCDrec C:\WINDOWS\system32\drivers\InCDrec.sys
19:13:51.0265 6000 InCDrec ( UnsignedFile.Multi.Generic ) - warning
19:13:51.0265 6000 InCDrec - detected UnsignedFile.Multi.Generic (1)
19:13:51.0296 6000 [ 7F352360E947AD2CD4BA60DE27B1A299 ] incdrm C:\WINDOWS\system32\drivers\incdrm.sys
19:13:51.0343 6000 incdrm ( UnsignedFile.Multi.Generic ) - warning
19:13:51.0343 6000 incdrm - detected UnsignedFile.Multi.Generic (1)
19:13:51.0406 6000 [ E9372A17C22FC4E5C9FD8798A97775FC ] InCDsrv C:\Program Files\Ahead\InCD\InCDsrv.exe
19:13:51.0546 6000 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
19:13:51.0546 6000 InCDsrv - detected UnsignedFile.Multi.Generic (1)
19:13:51.0562 6000 ini910u - ok
19:13:51.0687 6000 [ 001AACA6ED0E6B00FC5B8FAF74977E81 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:13:52.0031 6000 IntcAzAudAddService - ok
19:13:52.0046 6000 IntelIde - ok
19:13:52.0078 6000 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:13:52.0203 6000 Ip6Fw - ok
19:13:52.0250 6000 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:13:52.0421 6000 IpFilterDriver - ok
19:13:52.0437 6000 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:13:52.0562 6000 IpInIp - ok
19:13:52.0593 6000 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:13:52.0781 6000 IpNat - ok
19:13:52.0828 6000 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:13:53.0062 6000 IPSec - ok
19:13:53.0093 6000 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
19:13:53.0234 6000 irda - ok
19:13:53.0265 6000 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:13:53.0390 6000 IRENUM - ok
19:13:53.0437 6000 [ 8024EA8C5B2D2A4D201F418B0AADB804 ] Irmon C:\WINDOWS\System32\irmon.dll
19:13:53.0578 6000 Irmon - ok
19:13:53.0609 6000 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
19:13:53.0687 6000 irsir - ok
19:13:53.0718 6000 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:13:53.0843 6000 isapnp - ok
19:13:53.0953 6000 [ 77AC10DB097DFD0CD3071465B644D0AB ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
19:13:54.0046 6000 JavaQuickStarterService - ok
19:13:54.0109 6000 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:13:54.0234 6000 Kbdclass - ok
19:13:54.0265 6000 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:13:54.0453 6000 kmixer - ok
19:13:54.0484 6000 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:13:54.0562 6000 KSecDD - ok
19:13:54.0593 6000 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:13:54.0671 6000 lanmanserver - ok
19:13:54.0703 6000 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:13:54.0812 6000 lanmanworkstation - ok
19:13:54.0828 6000 lbrtfdc - ok
19:13:54.0890 6000 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:13:54.0937 6000 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:13:54.0937 6000 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:13:54.0968 6000 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
19:13:55.0015 6000 lirsgt - ok
19:13:55.0046 6000 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:13:55.0187 6000 LmHosts - ok
19:13:55.0218 6000 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
19:13:55.0250 6000 LVPr2Mon - ok
19:13:55.0296 6000 [ 2333057542C91AE8228BDCCC2E5F2632 ] LVPrcSrv C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
19:13:55.0390 6000 LVPrcSrv - ok
19:13:55.0421 6000 [ A1857FBB9B4930EEB2FD92386C45C529 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
19:13:55.0531 6000 LVRS - ok
19:13:55.0562 6000 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
19:13:55.0609 6000 LVUSBSta - ok
19:13:55.0734 6000 [ 3703406AF0726BADD24C5E552493E5B1 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
19:13:56.0015 6000 LVUVC - ok
19:13:56.0031 6000 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\WINDOWS\system32\DRIVERS\mcdbus.sys
19:13:56.0078 6000 mcdbus ( UnsignedFile.Multi.Generic ) - warning
19:13:56.0078 6000 mcdbus - detected UnsignedFile.Multi.Generic (1)
19:13:56.0109 6000 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:13:56.0234 6000 Messenger - ok
19:13:56.0312 6000 Microsoft SharePoint Workspace Audit Service - ok
19:13:56.0343 6000 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:13:56.0484 6000 mnmdd - ok
19:13:56.0531 6000 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:13:56.0718 6000 mnmsrvc - ok
19:13:56.0781 6000 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:13:56.0937 6000 Modem - ok
19:13:56.0968 6000 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:13:57.0109 6000 Mouclass - ok
19:13:57.0140 6000 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:13:57.0296 6000 mouhid - ok
19:13:57.0312 6000 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:13:57.0453 6000 MountMgr - ok
19:13:57.0468 6000 mraid35x - ok
19:13:57.0468 6000 MREMP50 - ok
19:13:57.0468 6000 MREMP50a64 - ok
19:13:57.0484 6000 MREMPR5 - ok
19:13:57.0484 6000 MRENDIS5 - ok
19:13:57.0484 6000 MRESP50 - ok
19:13:57.0500 6000 MRESP50a64 - ok
19:13:57.0515 6000 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:13:57.0734 6000 MRxDAV - ok
19:13:57.0765 6000 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:13:58.0015 6000 MRxSmb - ok
19:13:58.0062 6000 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:13:58.0265 6000 MSDTC - ok
19:13:58.0281 6000 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:13:58.0437 6000 Msfs - ok
19:13:58.0453 6000 MSIServer - ok
19:13:58.0484 6000 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:13:58.0656 6000 MSKSSRV - ok
19:13:58.0687 6000 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:13:58.0828 6000 MSPCLOCK - ok
19:13:58.0843 6000 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:13:58.0968 6000 MSPQM - ok
19:13:59.0000 6000 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:13:59.0156 6000 mssmbios - ok
19:13:59.0171 6000 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:13:59.0250 6000 MSTEE - ok
19:13:59.0296 6000 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:13:59.0375 6000 Mup - ok
19:13:59.0406 6000 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:13:59.0468 6000 NABTSFEC - ok
19:13:59.0500 6000 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:13:59.0687 6000 napagent - ok
19:13:59.0734 6000 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:13:59.0937 6000 NDIS - ok
19:13:59.0984 6000 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:14:00.0046 6000 NdisIP - ok
19:14:00.0078 6000 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:14:00.0125 6000 NdisTapi - ok
19:14:00.0140 6000 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:14:00.0296 6000 Ndisuio - ok
19:14:00.0312 6000 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:14:00.0453 6000 NdisWan - ok
19:14:00.0453 6000 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:14:00.0515 6000 NDProxy - ok
19:14:00.0562 6000 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:14:00.0734 6000 NetBIOS - ok
19:14:00.0765 6000 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:14:01.0015 6000 NetBT - ok
19:14:01.0046 6000 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
19:14:01.0250 6000 NetDDE - ok
19:14:01.0265 6000 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:14:01.0406 6000 NetDDEdsdm - ok
19:14:01.0437 6000 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:14:01.0593 6000 Netlogon - ok
19:14:01.0640 6000 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
19:14:01.0781 6000 Netman - ok
19:14:01.0828 6000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:01.0921 6000 NetTcpPortSharing - ok
19:14:01.0937 6000 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:14:02.0078 6000 NIC1394 - ok
19:14:02.0125 6000 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
19:14:02.0234 6000 Nla - ok
19:14:02.0250 6000 [ 4A8A2AA0706B659175169DECF198E9D7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
19:14:02.0328 6000 nmwcd - ok
19:14:02.0343 6000 [ FD3E61831095AC62E6840D986B5A2016 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:14:02.0421 6000 nmwcdc - ok
19:14:02.0468 6000 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:14:02.0609 6000 Npfs - ok
19:14:02.0640 6000 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:14:02.0937 6000 Ntfs - ok
19:14:02.0968 6000 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:14:03.0109 6000 NtLmSsp - ok
19:14:03.0140 6000 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:14:03.0375 6000 NtmsSvc - ok
19:14:03.0406 6000 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:14:03.0625 6000 Null - ok
19:14:03.0765 6000 [ BA1B732C1A70CFEA0C1B64F2850BF44F ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:14:04.0203 6000 nv - ok
19:14:04.0234 6000 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
19:14:04.0281 6000 nvata - ok
19:14:04.0312 6000 [ CC34564BCA235EBAD8B308D871EFA2DF ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
19:14:04.0375 6000 NVENETFD - ok
19:14:04.0421 6000 [ 46FDB8D07DD4FC81093B0ACB243A525D ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
19:14:04.0484 6000 nvnetbus - ok
19:14:04.0515 6000 [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:14:04.0609 6000 NVSvc - ok
19:14:04.0640 6000 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:14:04.0828 6000 NwlnkFlt - ok
19:14:04.0843 6000 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:14:05.0046 6000 NwlnkFwd - ok
19:14:05.0140 6000 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:14:05.0296 6000 odserv - ok
19:14:05.0328 6000 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:14:06.0062 6000 ohci1394 - ok
19:14:06.0125 6000 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:06.0250 6000 ose - ok
19:14:06.0453 6000 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:14:06.0890 6000 osppsvc - ok
19:14:06.0921 6000 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:14:07.0109 6000 Parport - ok
19:14:07.0156 6000 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:14:07.0265 6000 PartMgr - ok
19:14:07.0296 6000 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:14:07.0468 6000 ParVdm - ok
19:14:07.0515 6000 [ 68139940B5AC84AFFB7EB1B713BE66E7 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
19:14:07.0546 6000 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
19:14:07.0546 6000 PassThru Service - detected UnsignedFile.Multi.Generic (1)
19:14:07.0562 6000 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:14:07.0609 6000 pccsmcfd - ok
19:14:07.0656 6000 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:14:07.0781 6000 PCI - ok
19:14:07.0781 6000 PCIDump - ok
19:14:07.0812 6000 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:14:07.0953 6000 PCIIde - ok
19:14:07.0968 6000 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:14:08.0140 6000 Pcmcia - ok
19:14:08.0156 6000 PDCOMP - ok
19:14:08.0156 6000 PDFRAME - ok
19:14:08.0156 6000 PDRELI - ok
19:14:08.0171 6000 PDRFRAME - ok
19:14:08.0171 6000 perc2 - ok
19:14:08.0187 6000 perc2hib - ok
19:14:08.0234 6000 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:14:08.0281 6000 PlugPlay - ok
19:14:08.0281 6000 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:14:08.0406 6000 PolicyAgent - ok
19:14:08.0437 6000 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:14:08.0578 6000 PptpMiniport - ok
19:14:08.0609 6000 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:14:08.0718 6000 Processor - ok
19:14:08.0734 6000 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
19:14:08.0781 6000 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
19:14:08.0781 6000 prodrv06 - detected UnsignedFile.Multi.Generic (1)
19:14:08.0812 6000 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
19:14:08.0906 6000 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
19:14:08.0906 6000 prohlp02 - detected UnsignedFile.Multi.Generic (1)
19:14:08.0921 6000 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
19:14:08.0937 6000 prosync1 ( UnsignedFile.Multi.Generic ) - warning
19:14:08.0937 6000 prosync1 - detected UnsignedFile.Multi.Generic (1)
19:14:08.0968 6000 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:14:09.0093 6000 ProtectedStorage - ok
19:14:09.0109 6000 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:14:09.0265 6000 PSched - ok
19:14:09.0281 6000 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:14:09.0453 6000 Ptilink - ok
19:14:09.0453 6000 ql1080 - ok
19:14:09.0468 6000 Ql10wnt - ok
19:14:09.0468 6000 ql12160 - ok
19:14:09.0484 6000 ql1240 - ok
19:14:09.0484 6000 ql1280 - ok
19:14:09.0515 6000 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:14:09.0703 6000 RasAcd - ok
19:14:09.0750 6000 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:14:09.0890 6000 RasAuto - ok
19:14:09.0921 6000 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
19:14:10.0000 6000 Rasirda - ok
19:14:10.0015 6000 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:14:10.0203 6000 Rasl2tp - ok
19:14:10.0234 6000 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:14:10.0421 6000 RasMan - ok
19:14:10.0437 6000 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:14:10.0562 6000 RasPppoe - ok
19:14:10.0562 6000 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:14:10.0765 6000 Raspti - ok
19:14:10.0781 6000 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:14:10.0984 6000 Rdbss - ok
19:14:11.0015 6000 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:14:11.0203 6000 RDPCDD - ok
19:14:11.0250 6000 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:14:11.0312 6000 RDPWD - ok
19:14:11.0359 6000 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:14:11.0625 6000 RDSessMgr - ok
19:14:11.0671 6000 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:14:11.0812 6000 redbook - ok
19:14:11.0828 6000 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:14:11.0984 6000 RemoteAccess - ok
19:14:12.0015 6000 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
19:14:12.0171 6000 ROOTMODEM - ok
19:14:12.0203 6000 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:14:12.0343 6000 RpcLocator - ok
19:14:12.0390 6000 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:14:12.0484 6000 RpcSs - ok
19:14:12.0500 6000 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:14:12.0765 6000 RSVP - ok
19:14:12.0796 6000 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:14:12.0921 6000 rtl8139 - ok
19:14:12.0953 6000 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
19:14:13.0078 6000 SamSs - ok
19:14:13.0093 6000 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:14:13.0375 6000 SCardSvr - ok
19:14:13.0421 6000 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:14:13.0593 6000 Schedule - ok
19:14:13.0625 6000 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:14:13.0765 6000 Secdrv - ok
19:14:13.0796 6000 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:14:13.0906 6000 seclogon - ok
19:14:13.0921 6000 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
19:14:14.0093 6000 SENS - ok
19:14:14.0125 6000 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:14:14.0296 6000 serenum - ok
19:14:14.0312 6000 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:14:14.0468 6000 Serial - ok
19:14:14.0546 6000 [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:14:14.0687 6000 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
19:14:14.0687 6000 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
19:14:14.0734 6000 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
19:14:14.0781 6000 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
19:14:14.0781 6000 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
19:14:14.0796 6000 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
19:14:14.0828 6000 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
19:14:14.0828 6000 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
19:14:14.0843 6000 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
19:14:14.0875 6000 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
19:14:14.0875 6000 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
19:14:14.0906 6000 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:14:15.0015 6000 Sfloppy - ok
19:14:15.0031 6000 [ 6120E41228A3718D8376437FE135DD4D ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
19:14:15.0062 6000 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
19:14:15.0062 6000 sfsync02 - detected UnsignedFile.Multi.Generic (1)
19:14:15.0078 6000 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
19:14:15.0109 6000 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
19:14:15.0109 6000 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
19:14:15.0156 6000 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:14:15.0359 6000 SharedAccess - ok
19:14:15.0375 6000 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:14:15.0453 6000 ShellHWDetection - ok
19:14:15.0468 6000 Simbad - ok
19:14:15.0500 6000 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:14:15.0562 6000 SLIP - ok
19:14:15.0593 6000 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:14:15.0750 6000 SONYPVU1 - ok
19:14:15.0750 6000 Sparrow - ok
19:14:15.0781 6000 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:14:15.0921 6000 splitter - ok
19:14:15.0953 6000 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:14:16.0015 6000 Spooler - ok
19:14:16.0062 6000 [ 0C1DAD75274CB6E31F053CE3E08BF9C3 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
19:14:16.0062 6000 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0C1DAD75274CB6E31F053CE3E08BF9C3
19:14:16.0062 6000 sptd ( LockedFile.Multi.Generic ) - warning
19:14:16.0062 6000 sptd - detected LockedFile.Multi.Generic (1)
19:14:16.0078 6000 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:14:16.0234 6000 sr - ok
19:14:16.0281 6000 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
19:14:16.0531 6000 srservice - ok
19:14:16.0578 6000 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:14:16.0671 6000 Srv - ok
19:14:16.0703 6000 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:14:16.0828 6000 SSDPSRV - ok
19:14:16.0843 6000 StarWindServiceAE - ok
19:14:16.0875 6000 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:14:17.0031 6000 stisvc - ok
19:14:17.0078 6000 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:14:17.0140 6000 streamip - ok
19:14:17.0140 6000 stwlfbus - ok
19:14:17.0171 6000 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:14:17.0312 6000 swenum - ok
19:14:17.0328 6000 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:14:17.0484 6000 swmidi - ok
19:14:17.0500 6000 SwPrv - ok
19:14:17.0515 6000 symc810 - ok
19:14:17.0515 6000 symc8xx - ok
19:14:17.0515 6000 sym_hi - ok
19:14:17.0531 6000 sym_u3 - ok
19:14:17.0546 6000 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:14:17.0687 6000 sysaudio - ok
19:14:17.0718 6000 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:14:17.0937 6000 SysmonLog - ok
19:14:25.0578 6000 ================ Scan global ===============================
19:14:25.0625 6000 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
19:14:25.0640 6000 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:14:25.0656 6000 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:14:25.0687 6000 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
19:14:25.0687 6000 [Global] - ok
19:14:25.0703 6000 ================ Scan MBR ==================================
19:14:25.0718 6000 [ 2EE71BF0EED0EA80EA06D295A1A50104 ] \Device\Harddisk0\DR0
19:14:25.0718 6000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
19:14:25.0718 6000 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
19:14:25.0781 6000 ================ Scan VBR ==================================
19:14:25.0781 6000 [ C4A233AA4DA20B2AB098DC15AD0C7379 ] \Device\Harddisk0\DR0\Partition1
19:14:25.0781 6000 \Device\Harddisk0\DR0\Partition1 - ok
19:14:25.0781 6000 ============================================================
19:14:25.0781 6000 Scan finished
19:14:25.0781 6000 ============================================================
19:14:25.0890 5992 Detected object count: 22
19:14:25.0890 5992 Actual detected object count: 22
19:15:34.0375 5992 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0375 5992 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0375 5992 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:34.0390 5992 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:15:34.0390 5992 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:15:34.0593 5992 \Device\Harddisk0\DR0\# - copied to quarantine
19:15:34.0593 5992 \Device\Harddisk0\DR0 - copied to quarantine
19:15:34.0609 5992 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
19:15:34.0625 5992 \Device\Harddisk0\DR0 - ok
19:15:34.0625 5992 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
19:15:43.0765 5392 Deinitialize success

BattleMaster33
Visitor
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#9 Post by BattleMaster33 »

After cleaning:
19:44:07.0312 2420 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:44:07.0593 2420 ============================================================
19:44:07.0593 2420 Current date / time: 2013/02/02 19:44:07.0593
19:44:07.0593 2420 SystemInfo:
19:44:07.0593 2420
19:44:07.0593 2420 OS Version: 5.1.2600 ServicePack: 3.0
19:44:07.0593 2420 Product type: Workstation
19:44:07.0593 2420 ComputerName: KOCIANOVI
19:44:07.0593 2420 UserName: Vláďa
19:44:07.0593 2420 Windows directory: C:\WINDOWS
19:44:07.0593 2420 System windows directory: C:\WINDOWS
19:44:07.0593 2420 Processor architecture: Intel x86
19:44:07.0593 2420 Number of processors: 1
19:44:07.0593 2420 Page size: 0x1000
19:44:07.0593 2420 Boot type: Normal boot
19:44:07.0593 2420 ============================================================
19:44:07.0796 2420 BG loaded
19:44:08.0031 2420 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:44:08.0046 2420 ============================================================
19:44:08.0046 2420 \Device\Harddisk0\DR0:
19:44:08.0046 2420 MBR partitions:
19:44:08.0046 2420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
19:44:08.0046 2420 ============================================================
19:44:08.0062 2420 C: <-> \Device\Harddisk0\DR0\Partition1
19:44:08.0078 2420 ============================================================
19:44:08.0078 2420 Initialize success
19:44:08.0078 2420 ============================================================
19:44:12.0984 3072 ============================================================
19:44:12.0984 3072 Scan started
19:44:12.0984 3072 Mode: Manual; SigCheck; TDLFS;
19:44:12.0984 3072 ============================================================
19:44:13.0078 3072 ================ Scan system memory ========================
19:44:15.0203 3072 System memory - ok
19:44:15.0203 3072 ================ Scan services =============================
19:44:18.0296 3072 [ 23020385D34E35DFC2D6503FA67D3FFC ] AsAudioDevice_351 C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys
19:44:18.0375 3072 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - warning
19:44:18.0375 3072 AsAudioDevice_351 - detected UnsignedFile.Multi.Generic (1)
19:44:30.0593 3072 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:44:30.0750 3072 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:44:30.0750 3072 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:44:30.0812 3072 [ EA7267505149B3A10DF32506A4E4E412 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:44:30.0953 3072 idsvc ( UnsignedFile.Multi.Generic ) - warning
19:44:30.0953 3072 idsvc - detected UnsignedFile.Multi.Generic (1)
19:44:31.0515 3072 [ B87FC7C71632240DAC8F4D20E9CE8377 ] InCDfs C:\WINDOWS\system32\drivers\InCDfs.sys
19:44:31.0562 3072 InCDfs ( UnsignedFile.Multi.Generic ) - warning
19:44:31.0562 3072 InCDfs - detected UnsignedFile.Multi.Generic (1)
19:44:31.0593 3072 [ 2E878405128EC98886EB9C2216AC7BD6 ] InCDPass C:\WINDOWS\system32\DRIVERS\InCDPass.sys
19:44:31.0625 3072 InCDPass ( UnsignedFile.Multi.Generic ) - warning
19:44:31.0625 3072 InCDPass - detected UnsignedFile.Multi.Generic (1)
19:44:31.0656 3072 [ DDF078917A42F105385D7EB6DEBB3433 ] InCDrec C:\WINDOWS\system32\drivers\InCDrec.sys
19:44:31.0703 3072 InCDrec ( UnsignedFile.Multi.Generic ) - warning
19:44:31.0703 3072 InCDrec - detected UnsignedFile.Multi.Generic (1)
19:44:31.0703 3072 [ 7F352360E947AD2CD4BA60DE27B1A299 ] incdrm C:\WINDOWS\system32\drivers\incdrm.sys
19:44:31.0750 3072 incdrm ( UnsignedFile.Multi.Generic ) - warning
19:44:31.0750 3072 incdrm - detected UnsignedFile.Multi.Generic (1)
19:44:31.0812 3072 [ E9372A17C22FC4E5C9FD8798A97775FC ] InCDsrv C:\Program Files\Ahead\InCD\InCDsrv.exe
19:44:31.0937 3072 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
19:44:31.0937 3072 InCDsrv - detected UnsignedFile.Multi.Generic (1)
19:44:35.0390 3072 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:44:35.0453 3072 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:44:35.0453 3072 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:44:36.0593 3072 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\WINDOWS\system32\DRIVERS\mcdbus.sys
19:44:36.0640 3072 mcdbus ( UnsignedFile.Multi.Generic ) - warning
19:44:36.0640 3072 mcdbus - detected UnsignedFile.Multi.Generic (1)
19:44:42.0578 3072 Nla - ok
19:44:42.0593 3072 [ 4A8A2AA0706B659175169DECF198E9D7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
19:44:42.0750 3072 nmwcd - ok
19:44:42.0765 3072 [ FD3E61831095AC62E6840D986B5A2016 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:44:42.0843 3072 nmwcdc - ok
19:44:42.0875 3072 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:44:43.0015 3072 Npfs - ok
19:44:43.0046 3072 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:44:43.0296 3072 Ntfs - ok
19:44:43.0328 3072 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:44:43.0437 3072 NtLmSsp - ok
19:44:43.0484 3072 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:44:43.0796 3072 NtmsSvc - ok
19:44:43.0843 3072 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:44:44.0015 3072 Null - ok
19:44:44.0140 3072 [ BA1B732C1A70CFEA0C1B64F2850BF44F ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:44:44.0562 3072 nv - ok
19:44:44.0609 3072 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
19:44:44.0640 3072 nvata - ok
19:44:44.0687 3072 [ CC34564BCA235EBAD8B308D871EFA2DF ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
19:44:44.0781 3072 NVENETFD - ok
19:44:44.0812 3072 [ 46FDB8D07DD4FC81093B0ACB243A525D ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
19:44:44.0875 3072 nvnetbus - ok
19:44:44.0906 3072 [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:44:45.0031 3072 NVSvc - ok
19:44:45.0062 3072 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:44:45.0234 3072 NwlnkFlt - ok
19:44:45.0250 3072 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:44:45.0421 3072 NwlnkFwd - ok
19:44:45.0515 3072 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:44:45.0687 3072 odserv - ok
19:44:45.0734 3072 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:44:45.0890 3072 ohci1394 - ok
19:44:45.0937 3072 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:44:46.0015 3072 ose - ok
19:44:46.0203 3072 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:44:46.0718 3072 osppsvc - ok
19:44:46.0750 3072 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:44:46.0921 3072 Parport - ok
19:44:46.0937 3072 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:44:47.0078 3072 PartMgr - ok
19:44:47.0093 3072 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:44:47.0250 3072 ParVdm - ok
19:44:47.0281 3072 [ 68139940B5AC84AFFB7EB1B713BE66E7 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
19:44:47.0312 3072 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
19:44:47.0312 3072 PassThru Service - detected UnsignedFile.Multi.Generic (1)
19:44:47.0328 3072 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:44:47.0375 3072 pccsmcfd - ok
19:44:47.0390 3072 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:44:47.0546 3072 PCI - ok
19:44:47.0562 3072 PCIDump - ok
19:44:47.0578 3072 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:44:47.0718 3072 PCIIde - ok
19:44:47.0750 3072 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:44:47.0875 3072 Pcmcia - ok
19:44:47.0875 3072 PDCOMP - ok
19:44:47.0890 3072 PDFRAME - ok
19:44:47.0890 3072 PDRELI - ok
19:44:47.0906 3072 PDRFRAME - ok
19:44:47.0906 3072 perc2 - ok
19:44:47.0921 3072 perc2hib - ok
19:44:47.0968 3072 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:44:48.0015 3072 PlugPlay - ok
19:44:48.0015 3072 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:44:48.0140 3072 PolicyAgent - ok
19:44:48.0171 3072 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:44:48.0296 3072 PptpMiniport - ok
19:44:48.0312 3072 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:44:48.0437 3072 Processor - ok
19:44:48.0453 3072 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
19:44:48.0500 3072 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
19:44:48.0500 3072 prodrv06 - detected UnsignedFile.Multi.Generic (1)
19:44:48.0531 3072 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
19:44:48.0609 3072 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
19:44:48.0609 3072 prohlp02 - detected UnsignedFile.Multi.Generic (1)
19:44:48.0640 3072 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
19:44:48.0656 3072 prosync1 ( UnsignedFile.Multi.Generic ) - warning
19:44:48.0656 3072 prosync1 - detected UnsignedFile.Multi.Generic (1)
19:44:48.0687 3072 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:44:48.0796 3072 ProtectedStorage - ok
19:44:48.0828 3072 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:44:48.0937 3072 PSched - ok
19:44:48.0968 3072 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:44:49.0109 3072 Ptilink - ok
19:44:49.0125 3072 ql1080 - ok
19:44:49.0125 3072 Ql10wnt - ok
19:44:49.0140 3072 ql12160 - ok
19:44:49.0140 3072 ql1240 - ok
19:44:49.0156 3072 ql1280 - ok
19:44:49.0171 3072 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:44:49.0343 3072 RasAcd - ok
19:44:49.0375 3072 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:44:49.0500 3072 RasAuto - ok
19:44:49.0531 3072 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
19:44:49.0609 3072 Rasirda - ok
19:44:49.0609 3072 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:44:49.0750 3072 Rasl2tp - ok
19:44:49.0781 3072 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:44:49.0953 3072 RasMan - ok
19:44:49.0953 3072 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:44:50.0062 3072 RasPppoe - ok
19:44:50.0078 3072 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:44:50.0265 3072 Raspti - ok
19:44:50.0281 3072 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:44:50.0453 3072 Rdbss - ok
19:44:50.0484 3072 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:44:50.0640 3072 RDPCDD - ok
19:44:50.0687 3072 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:44:50.0796 3072 RDPWD - ok
19:44:50.0828 3072 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:44:51.0093 3072 RDSessMgr - ok
19:44:51.0140 3072 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:44:51.0265 3072 redbook - ok
19:44:51.0328 3072 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:44:51.0453 3072 RemoteAccess - ok
19:44:51.0484 3072 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
19:44:51.0640 3072 ROOTMODEM - ok
19:44:51.0671 3072 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:44:51.0812 3072 RpcLocator - ok
19:44:51.0843 3072 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:44:51.0953 3072 RpcSs - ok
19:44:51.0968 3072 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:44:52.0234 3072 RSVP - ok
19:44:52.0265 3072 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:44:52.0359 3072 rtl8139 - ok
19:44:52.0390 3072 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
19:44:52.0500 3072 SamSs - ok
19:44:52.0531 3072 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:44:52.0781 3072 SCardSvr - ok
19:44:52.0812 3072 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:44:52.0968 3072 Schedule - ok
19:44:53.0015 3072 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:44:53.0140 3072 Secdrv - ok
19:44:53.0156 3072 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:44:53.0281 3072 seclogon - ok
19:44:53.0296 3072 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
19:44:53.0437 3072 SENS - ok
19:44:53.0453 3072 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:44:53.0593 3072 serenum - ok
19:44:53.0609 3072 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:44:53.0750 3072 Serial - ok
19:44:53.0828 3072 [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:44:53.0968 3072 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
19:44:53.0968 3072 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
19:44:54.0046 3072 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
19:44:54.0078 3072 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
19:44:54.0078 3072 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
19:44:54.0125 3072 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
19:44:54.0140 3072 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
19:44:54.0140 3072 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
19:44:54.0156 3072 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
19:44:54.0171 3072 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
19:44:54.0171 3072 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
19:44:54.0203 3072 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:44:54.0312 3072 Sfloppy - ok
19:44:54.0328 3072 [ 6120E41228A3718D8376437FE135DD4D ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
19:44:54.0359 3072 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
19:44:54.0359 3072 sfsync02 - detected UnsignedFile.Multi.Generic (1)
19:44:54.0359 3072 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
19:44:54.0390 3072 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
19:44:54.0390 3072 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
19:44:54.0437 3072 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:44:54.0593 3072 SharedAccess - ok
19:44:54.0625 3072 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:44:54.0703 3072 ShellHWDetection - ok
19:44:54.0718 3072 Simbad - ok
19:44:54.0750 3072 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:44:54.0796 3072 SLIP - ok
19:44:54.0828 3072 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:44:54.0968 3072 SONYPVU1 - ok
19:44:54.0984 3072 Sparrow - ok
19:44:55.0015 3072 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:44:55.0125 3072 splitter - ok
19:44:55.0171 3072 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:44:55.0281 3072 Spooler - ok
19:44:55.0343 3072 [ 0C1DAD75274CB6E31F053CE3E08BF9C3 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
19:44:55.0343 3072 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0C1DAD75274CB6E31F053CE3E08BF9C3
19:44:55.0343 3072 sptd ( LockedFile.Multi.Generic ) - warning
19:44:55.0343 3072 sptd - detected LockedFile.Multi.Generic (1)
19:44:55.0359 3072 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:44:55.0484 3072 sr - ok
19:44:55.0531 3072 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
19:44:55.0734 3072 srservice - ok
19:44:55.0781 3072 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:44:55.0875 3072 Srv - ok
19:44:55.0921 3072 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:44:56.0046 3072 SSDPSRV - ok
19:44:56.0046 3072 StarWindServiceAE - ok
19:44:56.0078 3072 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:44:56.0250 3072 stisvc - ok
19:44:56.0296 3072 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:44:56.0328 3072 streamip - ok
19:44:56.0343 3072 stwlfbus - ok
19:44:56.0375 3072 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:44:56.0500 3072 swenum - ok
19:44:56.0531 3072 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:44:56.0671 3072 swmidi - ok
19:44:56.0671 3072 SwPrv - ok
19:44:56.0687 3072 symc810 - ok
19:44:56.0687 3072 symc8xx - ok
19:44:56.0687 3072 sym_hi - ok
19:44:56.0703 3072 sym_u3 - ok
19:44:56.0718 3072 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:44:56.0843 3072 sysaudio - ok
19:44:56.0890 3072 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:44:57.0093 3072 SysmonLog - ok
19:44:57.0125 3072 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:44:57.0281 3072 TapiSrv - ok
19:44:57.0328 3072 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:44:57.0500 3072 Tcpip - ok
19:44:57.0531 3072 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:44:57.0640 3072 TDPIPE - ok
19:44:57.0671 3072 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:44:57.0796 3072 TDTCP - ok
19:44:57.0812 3072 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:44:57.0953 3072 TermDD - ok
19:44:58.0031 3072 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
19:44:58.0203 3072 TermService - ok
19:44:58.0234 3072 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:44:58.0296 3072 Themes - ok
19:44:58.0312 3072 TosIde - ok
19:44:58.0328 3072 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:44:58.0453 3072 TrkWks - ok
19:44:58.0468 3072 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:44:58.0625 3072 Udfs - ok
19:44:58.0640 3072 ultra - ok
19:44:58.0671 3072 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:44:58.0875 3072 Update - ok
19:44:58.0906 3072 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
19:44:59.0078 3072 upnphost - ok
19:44:59.0093 3072 [ 587E643A4E2FFD9A00F114B057CEB773 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
19:44:59.0171 3072 upperdev - ok
19:44:59.0218 3072 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
19:44:59.0328 3072 UPS - ok
19:44:59.0359 3072 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:44:59.0500 3072 usbaudio - ok
19:44:59.0515 3072 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:44:59.0656 3072 usbccgp - ok
19:44:59.0671 3072 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:44:59.0796 3072 usbehci - ok
19:44:59.0828 3072 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:44:59.0968 3072 usbhub - ok
19:44:59.0984 3072 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:45:00.0093 3072 usbohci - ok
19:45:00.0125 3072 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
19:45:00.0234 3072 usbser - ok
19:45:00.0250 3072 [ FCA6A196D47CB972A0E4ADC0DB9CD17C ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
19:45:00.0328 3072 UsbserFilt - ok
19:45:00.0359 3072 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:45:00.0484 3072 USBSTOR - ok
19:45:00.0515 3072 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
19:45:00.0640 3072 usbvideo - ok
19:45:00.0671 3072 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:45:00.0781 3072 usb_rndisx - ok
19:45:00.0796 3072 VClone - ok
19:45:00.0812 3072 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:45:00.0953 3072 VgaSave - ok
19:45:00.0953 3072 ViaIde - ok
19:45:00.0984 3072 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:45:01.0156 3072 VolSnap - ok
19:45:01.0187 3072 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
19:45:01.0484 3072 VSS - ok
19:45:01.0515 3072 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
19:45:01.0671 3072 W32Time - ok
19:45:01.0718 3072 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:45:01.0843 3072 Wanarp - ok
19:45:01.0890 3072 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
19:45:02.0046 3072 Wdf01000 - ok
19:45:02.0062 3072 WDICA - ok
19:45:02.0078 3072 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:45:02.0218 3072 wdmaud - ok
19:45:02.0250 3072 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:45:02.0390 3072 WebClient - ok
19:45:02.0468 3072 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:45:02.0625 3072 winmgmt - ok
19:45:02.0671 3072 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:45:02.0812 3072 WmdmPmSN - ok
19:45:02.0859 3072 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:45:03.0015 3072 WmiApSrv - ok
19:45:03.0109 3072 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:45:03.0281 3072 WMPNetworkSvc - ok
19:45:03.0312 3072 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:45:03.0359 3072 WpdUsb - ok
19:45:03.0468 3072 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:45:03.0687 3072 WPFFontCache_v0400 - ok
19:45:03.0734 3072 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:45:03.0875 3072 wscsvc - ok
19:45:03.0906 3072 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:45:03.0953 3072 WSTCODEC - ok
19:45:03.0953 3072 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:45:04.0078 3072 wuauserv - ok
19:45:04.0109 3072 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:45:04.0171 3072 WudfPf - ok
19:45:04.0203 3072 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:45:04.0265 3072 WudfRd - ok
19:45:04.0281 3072 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:45:04.0312 3072 WudfSvc - ok
19:45:04.0359 3072 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:45:04.0578 3072 WZCSVC - ok
19:45:04.0578 3072 xcpip - ok
19:45:04.0609 3072 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:45:04.0750 3072 xmlprov - ok
19:45:04.0765 3072 xpsec - ok
19:45:04.0796 3072 ================ Scan global ===============================
19:45:04.0828 3072 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
19:45:04.0875 3072 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:45:04.0890 3072 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:45:04.0937 3072 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
19:45:04.0937 3072 [Global] - ok
19:45:04.0937 3072 ================ Scan MBR ==================================
19:45:04.0968 3072 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:45:05.0125 3072 \Device\Harddisk0\DR0 - ok
19:45:05.0125 3072 ================ Scan VBR ==================================
19:45:05.0125 3072 [ C4A233AA4DA20B2AB098DC15AD0C7379 ] \Device\Harddisk0\DR0\Partition1
19:45:05.0140 3072 \Device\Harddisk0\DR0\Partition1 - ok
19:45:05.0140 3072 ============================================================
19:45:05.0140 3072 Scan finished
19:45:05.0140 3072 ============================================================
19:45:05.0250 3064 Detected object count: 21
19:45:05.0250 3064 Actual detected object count: 21
19:45:23.0031 3064 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0031 3064 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0031 3064 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0031 3064 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0031 3064 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0031 3064 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0031 3064 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0031 3064 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0046 3064 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:23.0046 3064 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:45:23.0062 3064 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:45:23.0062 3064 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:45:26.0015 2412 Deinitialize success

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#10 Post by BattleMaster33 »

Nooo... I already thought I had gotten rid of it :(
OK, I'll try it.

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#11 Post by BattleMaster33 »

Unfortunately, when I click Report, my computer freezes completely and I have to reset it with the button on the case.

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#12 Post by BattleMaster33 »

I used Avenger; log:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "xpsec" deleted successfully.
Driver "xcpip" deleted successfully.
Driver "0zx_fqi6i.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



Log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vláďa at 2013-02-03 01:10:38
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 200 GB (65%) free of 305 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:10:47, on 3.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://download11.managerzone.com/socce ... Loader.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)

--
End of file - 11030 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1294935756-1728218303-3573497230-1005.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1294935756-1728218303-3573497230-1006.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1294935756-1728218303-3573497230-1007.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1294935756-1728218303-3573497230-1005.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1294935756-1728218303-3573497230-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1294935756-1728218303-3573497230-1007.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vláďa\Data aplikací\Mozilla\Firefox\Profiles\wlbxj8q0.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, firefox@tvunetworks.com:2, 5, 3, 1, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.6&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
NPOFF12.DLL
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Vláďa\Data aplikací\Mozilla\Firefox\Profiles\wlbxj8q0.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\Vláďa\Data aplikací\Mozilla\Firefox\Profiles\wlbxj8q0.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-19 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2010-03-16 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-10 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-11-02 1397760]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2005-04-12 229376]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-08-05 2349664]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-01-19 274608]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PowerBar"= []
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2006-02-10 2048000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-19 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2010-02-28 519584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-08-22 593920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-19 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Vláďa^Nabídka Start^Programy^Po spuštění^FIFA 11 Registration.lnk]
C:\PROGRA~1\EASPOR~1\FIFA11~2\Support\EAREGI~1.EXE /remind /language=ENB /PRID=DR:185015500 /WHPR=FIFA 11 /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Vláďa^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ICQ Service"=2
"Hamachi2Svc"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38330892.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\38330892.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Vláďa\Plocha\Condition Zero\czero.exe"="C:\Documents and Settings\Vláďa\Plocha\Condition Zero\czero.exe:*:Enabled:czero.exe"
"C:\Documents and Settings\Vláďa\Dokumenty\Condition Zero\czero.exe"="C:\Documents and Settings\Vláďa\Dokumenty\Condition Zero\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe"="C:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe:*:Enabled:TmOriginalDemo"
"C:\Program Files\THQ\Dawn of War - Winter Assault Demo\WinterAssault.exe"="C:\Program Files\THQ\Dawn of War - Winter Assault Demo\WinterAssault.exe:*:Enabled:WinterAssault"
"C:\Q3Ademo\quake3.exe"="C:\Q3Ademo\quake3.exe:*:Enabled:quake3"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 Modern Warfare\Setup\Data\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 Modern Warfare\Setup\Data\iw3mp.exe:*:Enabled:iw3mp"
"C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe"="C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\EA SPORTS\FIFA 09\FIFA09.exe"="C:\Program Files\EA SPORTS\FIFA 09\FIFA09.exe:*:Enabled:FIFA09"
"C:\Program Files\EA GAMES\Command & Conquer The First Decade\Command & Conquer(tm) Generals Zero Hour\generals.exe"="C:\Program Files\EA GAMES\Command & Conquer The First Decade\Command & Conquer(tm) Generals Zero Hour\generals.exe:*:Enabled:generals"
"C:\Program Files\EA GAMES\Command & Conquer The First Decade\Command & Conquer(tm) Generals\game.dat"="C:\Program Files\EA GAMES\Command & Conquer The First Decade\Command & Conquer(tm) Generals\game.dat:*:Enabled:game"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm"="C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm:Enabled:GameExe2"
"C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe"="C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_MapEditor.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_MapEditor.exe:*:Enabled:Heroes of Might and Magic V Editor map"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Logitech\Vid HD\Vid.exe"="C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
"Debugger="

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 month======

2013-02-03 01:10:38 ----D---- C:\rsit
2013-02-03 01:10:38 ----D---- C:\Program Files\trend micro
2013-02-03 00:30:12 ----D---- C:\Avenger
2013-02-03 00:30:12 ----A---- C:\avenger.txt
2013-02-02 19:44:07 ----A---- C:\TDSSKiller.2.8.15.0_02.02.2013_19.44.07_log.txt
2013-02-02 19:15:34 ----D---- C:\TDSSKiller_Quarantine
2013-02-02 19:12:03 ----A---- C:\TDSSKiller.2.8.15.0_02.02.2013_19.12.03_log.txt
2013-02-02 12:32:12 ----A---- C:\TDSSKiller.2.8.15.0_02.02.2013_12.32.12_log.txt
2013-01-16 23:56:12 ----D---- C:\Program Files\K-Lite Codec Pack
2013-01-16 23:55:55 ----D---- C:\Program Files\YouTube Song Downloader
2013-01-16 21:24:46 ----A---- C:\WINDOWS\system32\lame_enc.dll
2013-01-16 21:15:58 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\Audacity
2013-01-16 21:15:24 ----D---- C:\Program Files\Audacity
2013-01-14 17:08:21 ----D---- C:\Program Files\LogMeIn Hamachi
2013-01-11 14:37:50 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\Malwarebytes
2013-01-11 14:37:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-01-11 14:31:53 ----A---- C:\WINDOWS\system32\drivers\TrufosAlt.sys
2013-01-09 23:44:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-01-07 18:37:10 ----D---- C:\Program Files\ElcomSoft
2013-01-07 17:22:59 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\iWesoft
2013-01-07 17:09:01 ----A---- C:\WINDOWS\winDecrypt.INI
2013-01-07 17:03:03 ----D---- C:\Program Files\Freeware PDF Unlocker

======List of files/folders modified in the last 1 month======

2013-02-03 01:10:47 ----D---- C:\WINDOWS\Prefetch
2013-02-03 01:10:38 ----RD---- C:\Program Files
2013-02-03 01:04:04 ----D---- C:\Program Files\lg_fwupdate
2013-02-03 00:32:23 ----A---- C:\WINDOWS\lgfwup.ini
2013-02-03 00:32:08 ----SD---- C:\WINDOWS\Tasks
2013-02-03 00:30:59 ----D---- C:\WINDOWS\system32\logishrd
2013-02-03 00:30:12 ----D---- C:\WINDOWS\system32\drivers
2013-02-03 00:30:12 ----D---- C:\WINDOWS\system32
2013-02-03 00:29:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-02 20:02:34 ----D---- C:\WINDOWS\Temp
2013-02-02 19:44:15 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-02 14:07:06 ----SHD---- C:\WINDOWS\Installer
2013-02-02 14:07:06 ----SHD---- C:\Config.Msi
2013-02-02 14:07:05 ----D---- C:\WINDOWS\system32\en-us
2013-02-02 14:07:04 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-01 14:57:59 ----D---- C:\WINDOWS
2013-02-01 14:09:57 ----D---- C:\Program Files\The Creative Assembly
2013-02-01 14:08:52 ----D---- C:\WINDOWS\Minidump
2013-02-01 13:46:37 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-01 13:46:37 ----D---- C:\Program Files\Ubisoft
2013-02-01 13:45:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2013-02-01 13:36:09 ----A---- C:\WINDOWS\NeroDigital.ini
2013-01-31 16:37:16 ----HD---- C:\WINDOWS\inf
2013-01-31 16:25:56 ----D---- C:\Program Files\HLSW
2013-01-31 16:22:09 ----D---- C:\Program Files\Google
2013-01-31 16:21:06 ----D---- C:\Program Files\GameSpy Arcade
2013-01-31 16:13:45 ----D---- C:\Program Files\Common Files\BioWare
2013-01-31 16:12:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2013-01-31 16:12:38 ----D---- C:\Program Files\DivX
2013-01-31 16:12:33 ----D---- C:\Program Files\Common Files
2013-01-31 16:10:36 ----D---- C:\Program Files\Codec Pack - All In 1
2013-01-31 16:06:11 ----D---- C:\Program Files\AviSynth 2.5
2013-01-31 16:04:46 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\Ubisoft
2013-01-31 16:04:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2013-01-31 16:03:40 ----D---- C:\Program Files\Adobe
2013-01-29 22:42:35 ----D---- C:\WINDOWS\Help
2013-01-29 20:30:48 ----D---- C:\Program Files\Mozilla Firefox
2013-01-21 16:37:12 ----D---- C:\WINDOWS\Debug
2013-01-20 16:27:43 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\gtk-2.0
2013-01-18 13:26:28 ----RSD---- C:\WINDOWS\assembly
2013-01-18 13:22:55 ----D---- C:\WINDOWS\Microsoft.NET
2013-01-17 23:21:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-17 23:21:09 ----D---- C:\WINDOWS\WinSxS
2013-01-17 23:09:59 ----D---- C:\Documents and Settings\Vláďa\Data aplikací\Skype
2013-01-15 23:47:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-01-15 23:46:41 ----HD---- C:\WINDOWS\$hf_mig$
2013-01-14 16:56:45 ----RASH---- C:\boot.ini
2013-01-14 16:56:45 ----A---- C:\WINDOWS\win.ini
2013-01-14 16:56:45 ----A---- C:\WINDOWS\system.ini
2013-01-11 15:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-01-09 23:40:31 ----A---- C:\WINDOWS\system32\MRT.exe
2013-01-06 06:33:55 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2012-12-31 44240]
R0 FSFW;F-Secure Firewall Driver; C:\WINDOWS\System32\drivers\fsdfw.sys [2010-12-29 82120]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-03 715248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-11-02 28672]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-10-01 278984]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-10-01 25416]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-11-10 283744]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2008-12-17 41752]
R3 LVUVC;Logitech QuickCam Pro 9000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-11-10 4323040]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S0 stwlfbus;stwlfbus; C:\WINDOWS\system32\DRIVERS\stwlfbus.sys []
S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S3 acj7ch7j;acj7ch7j; C:\WINDOWS\system32\drivers\acj7ch7j.sys []
S3 AsAudioDevice_351;AsAudioDevice_351; C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys [2009-01-08 16640]
S3 avsrjol9;avsrjol9; C:\WINDOWS\system32\drivers\avsrjol9.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2009-10-07 23832]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2010-06-22 21248]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-08-05 186976]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 1435568]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-16 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2010-04-27 522848]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2011-09-07 61088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


After using Avenger, my computer restarted twice, as you said, but then an error message about a missing disk popped up. It was not possible to continue; after I pressed Cancel again, the message disappeared. Could you please tell me what that was?

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#13 Post by BattleMaster33 »

So I restarted the computer again and the ugly bogeyman with the message no longer jumped out at me :)... the whole computer runs much, MUCH faster.

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#14 Post by BattleMaster33 »

Here it is:

14:05:09.0609 2116 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:05:09.0859 2116 ============================================================
14:05:09.0859 2116 Current date / time: 2013/02/03 14:05:09.0859
14:05:09.0859 2116 SystemInfo:
14:05:09.0859 2116
14:05:09.0859 2116 OS Version: 5.1.2600 ServicePack: 3.0
14:05:09.0859 2116 Product type: Workstation
14:05:09.0859 2116 ComputerName: KOCIANOVI
14:05:09.0859 2116 UserName: Vláďa
14:05:09.0859 2116 Windows directory: C:\WINDOWS
14:05:09.0859 2116 System windows directory: C:\WINDOWS
14:05:09.0859 2116 Processor architecture: Intel x86
14:05:09.0859 2116 Number of processors: 1
14:05:09.0859 2116 Page size: 0x1000
14:05:09.0859 2116 Boot type: Normal boot
14:05:09.0859 2116 ============================================================
14:05:10.0250 2116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:05:10.0265 2116 ============================================================
14:05:10.0265 2116 \Device\Harddisk0\DR0:
14:05:10.0265 2116 MBR partitions:
14:05:10.0265 2116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
14:05:10.0265 2116 ============================================================
14:05:10.0281 2116 C: <-> \Device\Harddisk0\DR0\Partition1
14:05:10.0281 2116 ============================================================
14:05:10.0281 2116 Initialize success
14:05:10.0281 2116 ============================================================
14:05:14.0218 2568 ============================================================
14:05:14.0218 2568 Scan started
14:05:14.0218 2568 Mode: Manual; SigCheck; TDLFS;
14:05:14.0218 2568 ============================================================
14:05:14.0296 2568 ================ Scan system memory ========================
14:05:16.0921 2568 System memory - ok
14:05:16.0921 2568 ================ Scan services =============================
14:05:17.0062 2568 Abiosdsk - ok
14:05:17.0062 2568 abp480n5 - ok
14:05:17.0125 2568 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:05:18.0546 2568 ACPI - ok
14:05:18.0593 2568 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:05:18.0875 2568 ACPIEC - ok
14:05:18.0875 2568 adpu160m - ok
14:05:18.0906 2568 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:05:19.0109 2568 aec - ok
14:05:19.0140 2568 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:05:19.0390 2568 AFD - ok
14:05:19.0406 2568 Aha154x - ok
14:05:19.0406 2568 aic78u2 - ok
14:05:19.0421 2568 aic78xx - ok
14:05:19.0437 2568 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:05:19.0593 2568 Alerter - ok
14:05:19.0609 2568 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
14:05:19.0812 2568 ALG - ok
14:05:19.0812 2568 AliIde - ok
14:05:19.0859 2568 [ FCFFA85CFD4BF7A4711012847048DCA3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
14:05:19.0937 2568 AmdK8 - ok
14:05:19.0937 2568 amsint - ok
14:05:19.0953 2568 AppMgmt - ok
14:05:19.0968 2568 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:05:20.0125 2568 Arp1394 - ok
14:05:20.0140 2568 [ 23020385D34E35DFC2D6503FA67D3FFC ] AsAudioDevice_351 C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys
14:05:20.0187 2568 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - warning
14:05:20.0187 2568 AsAudioDevice_351 - detected UnsignedFile.Multi.Generic (1)
14:05:20.0203 2568 asc - ok
14:05:20.0203 2568 asc3350p - ok
14:05:20.0218 2568 asc3550 - ok
14:05:20.0312 2568 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:05:20.0390 2568 aspnet_state - ok
14:05:20.0406 2568 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:05:20.0578 2568 AsyncMac - ok
14:05:20.0625 2568 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:05:20.0859 2568 atapi - ok
14:05:20.0859 2568 Atdisk - ok
14:05:20.0890 2568 [ 3C4B9850A2631C2263507400D029057B ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
14:05:21.0031 2568 atksgt - ok
14:05:21.0046 2568 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:05:21.0203 2568 Atmarpc - ok
14:05:21.0234 2568 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:05:21.0390 2568 AudioSrv - ok
14:05:21.0406 2568 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:05:21.0578 2568 audstub - ok
14:05:21.0609 2568 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:05:21.0812 2568 Beep - ok
14:05:21.0859 2568 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
14:05:22.0093 2568 BITS - ok
14:05:22.0125 2568 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
14:05:22.0250 2568 Browser - ok
14:05:22.0281 2568 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:05:22.0421 2568 cbidf2k - ok
14:05:22.0453 2568 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:05:22.0515 2568 CCDECODE - ok
14:05:22.0515 2568 cd20xrnt - ok
14:05:22.0546 2568 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:05:22.0781 2568 Cdaudio - ok
14:05:22.0796 2568 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:05:22.0937 2568 Cdfs - ok
14:05:22.0953 2568 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:05:23.0109 2568 Cdrom - ok
14:05:23.0109 2568 Changer - ok
14:05:23.0140 2568 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:05:23.0296 2568 CiSvc - ok
14:05:23.0312 2568 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:05:23.0468 2568 ClipSrv - ok
14:05:23.0500 2568 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:05:23.0625 2568 clr_optimization_v2.0.50727_32 - ok
14:05:23.0656 2568 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:05:23.0718 2568 clr_optimization_v4.0.30319_32 - ok
14:05:23.0734 2568 CmdIde - ok
14:05:23.0734 2568 COMSysApp - ok
14:05:23.0750 2568 Cpqarray - ok
14:05:23.0765 2568 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:05:23.0921 2568 CryptSvc - ok
14:05:23.0921 2568 dac2w2k - ok
14:05:23.0921 2568 dac960nt - ok
14:05:23.0968 2568 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:05:24.0125 2568 DcomLaunch - ok
14:05:24.0156 2568 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:05:24.0328 2568 Dhcp - ok
14:05:24.0343 2568 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:05:24.0484 2568 Disk - ok
14:05:24.0484 2568 dmadmin - ok
14:05:24.0531 2568 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:05:24.0812 2568 dmboot - ok
14:05:24.0828 2568 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:05:25.0015 2568 dmio - ok
14:05:25.0031 2568 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:05:25.0203 2568 dmload - ok
14:05:25.0234 2568 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:05:25.0390 2568 dmserver - ok
14:05:25.0406 2568 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:05:25.0593 2568 DMusic - ok
14:05:25.0609 2568 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:05:25.0703 2568 Dnscache - ok
14:05:25.0734 2568 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:05:25.0906 2568 Dot3svc - ok
14:05:25.0921 2568 dpti2o - ok
14:05:25.0921 2568 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:05:26.0046 2568 drmkaud - ok
14:05:26.0062 2568 EagleNT - ok
14:05:26.0078 2568 EagleXNt - ok
14:05:26.0093 2568 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:05:26.0218 2568 EapHost - ok
14:05:26.0250 2568 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:05:26.0375 2568 ERSvc - ok
14:05:26.0406 2568 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
14:05:26.0500 2568 Eventlog - ok
14:05:26.0546 2568 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
14:05:26.0703 2568 EventSystem - ok
14:05:26.0812 2568 [ 7CE0422451C4B05A14B642680F525C69 ] F-Secure Gatekeeper C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys
14:05:26.0890 2568 F-Secure Gatekeeper - ok
14:05:26.0906 2568 [ A9BE66E05254B20DF82E0F7CDDECA7DD ] F-Secure Gatekeeper Handler Starter C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
14:05:27.0000 2568 F-Secure Gatekeeper Handler Starter - ok
14:05:27.0062 2568 [ F5ACA65237C7511D5803CDC5E7003D75 ] F-Secure HIPS C:\Program Files\F-Secure\HIPS\drivers\fshs.sys
14:05:27.0093 2568 F-Secure HIPS - ok
14:05:27.0125 2568 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:05:27.0296 2568 Fastfat - ok
14:05:27.0312 2568 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:05:27.0406 2568 FastUserSwitchingCompatibility - ok
14:05:27.0421 2568 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
14:05:27.0546 2568 Fdc - ok
14:05:27.0578 2568 [ B73EC688C29F81F9DA0FCF63682B3ECB ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
14:05:27.0640 2568 FilterService - ok
14:05:27.0656 2568 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:05:27.0796 2568 Fips - ok
14:05:27.0828 2568 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:05:27.0953 2568 Flpydisk - ok
14:05:27.0984 2568 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:05:28.0140 2568 FltMgr - ok
14:05:28.0203 2568 [ FACECF3F75BAF3775A879D1168402270 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:05:28.0265 2568 FontCache3.0.0.0 - ok
14:05:28.0296 2568 [ 18DA737DD5122A475DA4948ED4643675 ] fsbts C:\WINDOWS\system32\Drivers\fsbts.sys
14:05:28.0390 2568 fsbts - ok
14:05:28.0453 2568 [ 8E0BF7478CC3BAED48282ADBC97ADAFB ] FSDFWD C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
14:05:28.0609 2568 FSDFWD - ok
14:05:28.0625 2568 [ ACA3910A53A057B8C3A6EBF4EF788C7C ] FSFW C:\WINDOWS\system32\drivers\fsdfw.sys
14:05:28.0703 2568 FSFW - ok
14:05:28.0750 2568 [ 392E85687A902239C01BADDF212B1A36 ] FSMA C:\Program Files\F-Secure\Common\FSMA32.EXE
14:05:28.0828 2568 FSMA - ok
14:05:28.0875 2568 [ 42AEF6A385354ACA65FC210CE7CE4D7C ] FSORSPClient C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
14:05:28.0921 2568 FSORSPClient - ok
14:05:28.0953 2568 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:05:29.0109 2568 Fs_Rec - ok
14:05:29.0125 2568 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:05:29.0343 2568 Ftdisk - ok
14:05:29.0359 2568 GMSIPCI - ok
14:05:29.0390 2568 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:05:29.0531 2568 Gpc - ok
14:05:29.0593 2568 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:05:29.0703 2568 gupdate - ok
14:05:29.0718 2568 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:05:29.0796 2568 gupdatem - ok
14:05:29.0843 2568 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:05:29.0937 2568 gusvc - ok
14:05:29.0953 2568 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
14:05:30.0000 2568 hamachi - ok
14:05:30.0078 2568 [ 616399E27A55C97AE859230EB13984D8 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
14:05:30.0281 2568 Hamachi2Svc - ok
14:05:30.0312 2568 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:05:30.0500 2568 HDAudBus - ok
14:05:30.0562 2568 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:05:30.0687 2568 helpsvc - ok
14:05:30.0703 2568 HidServ - ok
14:05:30.0718 2568 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:05:30.0859 2568 HidUsb - ok
14:05:30.0890 2568 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:05:31.0046 2568 hkmsvc - ok
14:05:31.0046 2568 hpn - ok
14:05:31.0078 2568 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
14:05:31.0156 2568 HTCAND32 - ok
14:05:31.0187 2568 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
14:05:31.0250 2568 htcnprot - ok
14:05:31.0281 2568 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:05:31.0437 2568 HTTP - ok
14:05:31.0468 2568 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:05:31.0734 2568 HTTPFilter - ok
14:05:31.0750 2568 i2omgmt - ok
14:05:31.0750 2568 i2omp - ok
14:05:31.0796 2568 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:05:32.0171 2568 i8042prt - ok
14:05:32.0234 2568 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:05:32.0328 2568 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:05:32.0328 2568 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:05:32.0375 2568 [ EA7267505149B3A10DF32506A4E4E412 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:05:32.0562 2568 idsvc ( UnsignedFile.Multi.Generic ) - warning
14:05:32.0562 2568 idsvc - detected UnsignedFile.Multi.Generic (1)
14:05:32.0593 2568 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:05:32.0765 2568 Imapi - ok
14:05:32.0796 2568 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:05:33.0000 2568 ImapiService - ok
14:05:33.0046 2568 [ B87FC7C71632240DAC8F4D20E9CE8377 ] InCDfs C:\WINDOWS\system32\drivers\InCDfs.sys
14:05:33.0109 2568 InCDfs ( UnsignedFile.Multi.Generic ) - warning
14:05:33.0109 2568 InCDfs - detected UnsignedFile.Multi.Generic (1)
14:05:33.0125 2568 [ 2E878405128EC98886EB9C2216AC7BD6 ] InCDPass C:\WINDOWS\system32\DRIVERS\InCDPass.sys
14:05:33.0156 2568 InCDPass ( UnsignedFile.Multi.Generic ) - warning
14:05:33.0156 2568 InCDPass - detected UnsignedFile.Multi.Generic (1)
14:05:33.0171 2568 [ DDF078917A42F105385D7EB6DEBB3433 ] InCDrec C:\WINDOWS\system32\drivers\InCDrec.sys
14:05:33.0218 2568 InCDrec ( UnsignedFile.Multi.Generic ) - warning
14:05:33.0218 2568 InCDrec - detected UnsignedFile.Multi.Generic (1)
14:05:33.0218 2568 [ 7F352360E947AD2CD4BA60DE27B1A299 ] incdrm C:\WINDOWS\system32\drivers\incdrm.sys
14:05:33.0250 2568 incdrm ( UnsignedFile.Multi.Generic ) - warning
14:05:33.0250 2568 incdrm - detected UnsignedFile.Multi.Generic (1)
14:05:33.0296 2568 [ E9372A17C22FC4E5C9FD8798A97775FC ] InCDsrv C:\Program Files\Ahead\InCD\InCDsrv.exe
14:05:33.0421 2568 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
14:05:33.0421 2568 InCDsrv - detected UnsignedFile.Multi.Generic (1)
14:05:33.0437 2568 ini910u - ok
14:05:33.0578 2568 [ 001AACA6ED0E6B00FC5B8FAF74977E81 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:05:34.0000 2568 IntcAzAudAddService - ok
14:05:34.0015 2568 IntelIde - ok
14:05:34.0046 2568 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:05:34.0156 2568 Ip6Fw - ok
14:05:34.0187 2568 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:05:34.0328 2568 IpFilterDriver - ok
14:05:34.0359 2568 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:05:34.0484 2568 IpInIp - ok
14:05:34.0515 2568 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:05:34.0703 2568 IpNat - ok
14:05:34.0734 2568 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:05:34.0937 2568 IPSec - ok
14:05:34.0953 2568 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
14:05:35.0109 2568 irda - ok
14:05:35.0125 2568 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:05:35.0265 2568 IRENUM - ok
14:05:35.0296 2568 [ 8024EA8C5B2D2A4D201F418B0AADB804 ] Irmon C:\WINDOWS\System32\irmon.dll
14:05:35.0421 2568 Irmon - ok
14:05:35.0437 2568 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
14:05:35.0515 2568 irsir - ok
14:05:35.0531 2568 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:05:35.0656 2568 isapnp - ok
14:05:35.0750 2568 [ 77AC10DB097DFD0CD3071465B644D0AB ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
14:05:35.0859 2568 JavaQuickStarterService - ok
14:05:35.0890 2568 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:05:36.0015 2568 Kbdclass - ok
14:05:36.0031 2568 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:05:36.0234 2568 kmixer - ok
14:05:36.0265 2568 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:05:36.0343 2568 KSecDD - ok
14:05:36.0390 2568 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:05:36.0484 2568 lanmanserver - ok
14:05:36.0515 2568 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:05:36.0625 2568 lanmanworkstation - ok
14:05:36.0625 2568 lbrtfdc - ok
14:05:36.0671 2568 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:05:36.0734 2568 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
14:05:36.0734 2568 LightScribeService - detected UnsignedFile.Multi.Generic (1)
14:05:36.0781 2568 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
14:05:36.0812 2568 lirsgt - ok
14:05:36.0843 2568 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:05:36.0968 2568 LmHosts - ok
14:05:37.0000 2568 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
14:05:37.0046 2568 LVPr2Mon - ok
14:05:37.0078 2568 [ 2333057542C91AE8228BDCCC2E5F2632 ] LVPrcSrv C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
14:05:37.0171 2568 LVPrcSrv - ok
14:05:37.0203 2568 [ A1857FBB9B4930EEB2FD92386C45C529 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
14:05:37.0359 2568 LVRS - ok
14:05:37.0390 2568 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
14:05:37.0437 2568 LVUSBSta - ok
14:05:37.0546 2568 [ 3703406AF0726BADD24C5E552493E5B1 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
14:05:37.0890 2568 LVUVC - ok
14:05:37.0921 2568 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\WINDOWS\system32\DRIVERS\mcdbus.sys
14:05:37.0968 2568 mcdbus ( UnsignedFile.Multi.Generic ) - warning
14:05:37.0968 2568 mcdbus - detected UnsignedFile.Multi.Generic (1)
14:05:38.0000 2568 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:05:38.0140 2568 Messenger - ok
14:05:38.0203 2568 Microsoft SharePoint Workspace Audit Service - ok
14:05:38.0218 2568 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:05:38.0343 2568 mnmdd - ok
14:05:38.0375 2568 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:05:38.0531 2568 mnmsrvc - ok
14:05:38.0578 2568 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:05:38.0734 2568 Modem - ok
14:05:38.0750 2568 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:05:38.0875 2568 Mouclass - ok
14:05:38.0906 2568 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:05:39.0046 2568 mouhid - ok
14:05:39.0046 2568 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:05:39.0187 2568 MountMgr - ok
14:05:39.0203 2568 mraid35x - ok
14:05:39.0203 2568 MREMP50 - ok
14:05:39.0218 2568 MREMP50a64 - ok
14:05:39.0218 2568 MREMPR5 - ok
14:05:39.0218 2568 MRENDIS5 - ok
14:05:39.0234 2568 MRESP50 - ok
14:05:39.0234 2568 MRESP50a64 - ok
14:05:39.0250 2568 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:05:39.0406 2568 MRxDAV - ok
14:05:39.0453 2568 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:05:39.0781 2568 MRxSmb - ok
14:05:39.0796 2568 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:05:39.0968 2568 MSDTC - ok
14:05:39.0984 2568 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:05:40.0125 2568 Msfs - ok
14:05:40.0140 2568 MSIServer - ok
14:05:40.0156 2568 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:05:40.0296 2568 MSKSSRV - ok
14:05:40.0312 2568 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:05:40.0453 2568 MSPCLOCK - ok
14:05:40.0468 2568 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:05:40.0609 2568 MSPQM - ok
14:05:40.0640 2568 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:05:40.0765 2568 mssmbios - ok
14:05:40.0796 2568 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:05:40.0859 2568 MSTEE - ok
14:05:40.0890 2568 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:05:40.0953 2568 Mup - ok
14:05:40.0968 2568 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:05:41.0031 2568 NABTSFEC - ok
14:05:41.0078 2568 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:05:41.0265 2568 napagent - ok
14:05:41.0296 2568 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:05:41.0484 2568 NDIS - ok
14:05:41.0500 2568 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:05:41.0562 2568 NdisIP - ok
14:05:41.0609 2568 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:05:41.0671 2568 NdisTapi - ok
14:05:41.0687 2568 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:05:41.0796 2568 Ndisuio - ok
14:05:41.0812 2568 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:05:41.0937 2568 NdisWan - ok
14:05:41.0984 2568 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:05:42.0031 2568 NDProxy - ok
14:05:42.0062 2568 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:05:42.0203 2568 NetBIOS - ok
14:05:42.0218 2568 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:05:42.0421 2568 NetBT - ok
14:05:42.0437 2568 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
14:05:42.0671 2568 NetDDE - ok
14:05:42.0703 2568 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:05:42.0859 2568 NetDDEdsdm - ok
14:05:42.0875 2568 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:05:43.0015 2568 Netlogon - ok
14:05:43.0046 2568 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
14:05:43.0171 2568 Netman - ok
14:05:43.0203 2568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:05:43.0296 2568 NetTcpPortSharing - ok
14:05:43.0296 2568 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:05:43.0437 2568 NIC1394 - ok
14:05:43.0468 2568 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
14:05:43.0578 2568 Nla - ok
14:05:43.0593 2568 [ 4A8A2AA0706B659175169DECF198E9D7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
14:05:43.0734 2568 nmwcd - ok
14:05:43.0750 2568 [ FD3E61831095AC62E6840D986B5A2016 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
14:05:43.0828 2568 nmwcdc - ok
14:05:43.0859 2568 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:05:44.0000 2568 Npfs - ok
14:05:44.0031 2568 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:05:44.0265 2568 Ntfs - ok
14:05:44.0281 2568 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:05:44.0406 2568 NtLmSsp - ok
14:05:44.0453 2568 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:05:44.0656 2568 NtmsSvc - ok
14:05:44.0703 2568 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:05:44.0843 2568 Null - ok
14:05:44.0968 2568 [ BA1B732C1A70CFEA0C1B64F2850BF44F ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:05:45.0453 2568 nv - ok
14:05:45.0484 2568 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
14:05:45.0546 2568 nvata - ok
14:05:45.0593 2568 [ CC34564BCA235EBAD8B308D871EFA2DF ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:05:45.0687 2568 NVENETFD - ok
14:05:45.0718 2568 [ 46FDB8D07DD4FC81093B0ACB243A525D ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:05:45.0781 2568 nvnetbus - ok
14:05:45.0796 2568 [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
14:05:45.0890 2568 NVSvc - ok
14:05:45.0906 2568 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:05:46.0093 2568 NwlnkFlt - ok
14:05:46.0093 2568 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:05:46.0265 2568 NwlnkFwd - ok
14:05:46.0328 2568 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:05:46.0500 2568 odserv - ok
14:05:46.0515 2568 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:05:46.0671 2568 ohci1394 - ok
14:05:46.0703 2568 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:05:46.0781 2568 ose - ok
14:05:46.0953 2568 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:05:47.0484 2568 osppsvc - ok
14:05:47.0515 2568 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:05:47.0687 2568 Parport - ok
14:05:47.0718 2568 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:05:47.0859 2568 PartMgr - ok
14:05:47.0890 2568 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:05:48.0046 2568 ParVdm - ok
14:05:48.0078 2568 [ 68139940B5AC84AFFB7EB1B713BE66E7 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
14:05:48.0125 2568 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
14:05:48.0125 2568 PassThru Service - detected UnsignedFile.Multi.Generic (1)
14:05:48.0140 2568 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
14:05:48.0187 2568 pccsmcfd - ok
14:05:48.0218 2568 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:05:48.0359 2568 PCI - ok
14:05:48.0359 2568 PCIDump - ok
14:05:48.0375 2568 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:05:48.0515 2568 PCIIde - ok
14:05:48.0531 2568 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:05:48.0671 2568 Pcmcia - ok
14:05:48.0687 2568 PDCOMP - ok
14:05:48.0687 2568 PDFRAME - ok
14:05:48.0687 2568 PDRELI - ok
14:05:48.0703 2568 PDRFRAME - ok
14:05:48.0703 2568 perc2 - ok
14:05:48.0718 2568 perc2hib - ok
14:05:48.0765 2568 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
14:05:48.0812 2568 PlugPlay - ok
14:05:48.0812 2568 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:05:48.0937 2568 PolicyAgent - ok
14:05:48.0953 2568 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:05:49.0093 2568 PptpMiniport - ok
14:05:49.0093 2568 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
14:05:49.0234 2568 Processor - ok
14:05:49.0265 2568 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
14:05:49.0312 2568 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
14:05:49.0312 2568 prodrv06 - detected UnsignedFile.Multi.Generic (1)
14:05:49.0343 2568 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
14:05:49.0421 2568 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
14:05:49.0421 2568 prohlp02 - detected UnsignedFile.Multi.Generic (1)
14:05:49.0437 2568 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
14:05:49.0453 2568 prosync1 ( UnsignedFile.Multi.Generic ) - warning
14:05:49.0453 2568 prosync1 - detected UnsignedFile.Multi.Generic (1)
14:05:49.0468 2568 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:05:49.0578 2568 ProtectedStorage - ok
14:05:49.0593 2568 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:05:49.0718 2568 PSched - ok
14:05:49.0750 2568 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:05:49.0890 2568 Ptilink - ok
14:05:49.0890 2568 ql1080 - ok
14:05:49.0906 2568 Ql10wnt - ok
14:05:49.0906 2568 ql12160 - ok
14:05:49.0921 2568 ql1240 - ok
14:05:49.0921 2568 ql1280 - ok
14:05:49.0937 2568 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:05:50.0109 2568 RasAcd - ok
14:05:50.0140 2568 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:05:50.0281 2568 RasAuto - ok
14:05:50.0312 2568 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:05:50.0390 2568 Rasirda - ok
14:05:50.0406 2568 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:05:50.0531 2568 Rasl2tp - ok
14:05:50.0593 2568 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:05:50.0765 2568 RasMan - ok
14:05:50.0765 2568 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:05:50.0906 2568 RasPppoe - ok
14:05:50.0921 2568 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:05:51.0109 2568 Raspti - ok
14:05:51.0125 2568 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:05:51.0296 2568 Rdbss - ok
14:05:51.0328 2568 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:05:51.0468 2568 RDPCDD - ok
14:05:51.0515 2568 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:05:51.0609 2568 RDPWD - ok
14:05:51.0656 2568 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:05:51.0906 2568 RDSessMgr - ok
14:05:51.0937 2568 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:05:52.0062 2568 redbook - ok
14:05:52.0093 2568 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:05:52.0250 2568 RemoteAccess - ok
14:05:52.0281 2568 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
14:05:52.0437 2568 ROOTMODEM - ok
14:05:52.0453 2568 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:05:52.0593 2568 RpcLocator - ok
14:05:52.0625 2568 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:05:52.0750 2568 RpcSs - ok
14:05:52.0765 2568 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:05:52.0968 2568 RSVP - ok
14:05:52.0984 2568 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
14:05:53.0093 2568 rtl8139 - ok
14:05:53.0109 2568 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
14:05:53.0250 2568 SamSs - ok
14:05:53.0281 2568 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:05:53.0468 2568 SCardSvr - ok
14:05:53.0500 2568 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:05:53.0671 2568 Schedule - ok
14:05:53.0687 2568 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:05:53.0828 2568 Secdrv - ok
14:05:53.0843 2568 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:05:53.0968 2568 seclogon - ok
14:05:53.0984 2568 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
14:05:54.0125 2568 SENS - ok
14:05:54.0140 2568 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:05:54.0265 2568 serenum - ok
14:05:54.0281 2568 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:05:54.0421 2568 Serial - ok
14:05:54.0468 2568 [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
14:05:54.0640 2568 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
14:05:54.0640 2568 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
14:05:54.0703 2568 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
14:05:54.0734 2568 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
14:05:54.0734 2568 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
14:05:54.0750 2568 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
14:05:54.0796 2568 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
14:05:54.0796 2568 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
14:05:54.0796 2568 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
14:05:54.0859 2568 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
14:05:54.0859 2568 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
14:05:54.0875 2568 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:05:54.0984 2568 Sfloppy - ok
14:05:55.0000 2568 [ 6120E41228A3718D8376437FE135DD4D ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
14:05:55.0031 2568 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
14:05:55.0031 2568 sfsync02 - detected UnsignedFile.Multi.Generic (1)
14:05:55.0062 2568 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
14:05:55.0093 2568 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
14:05:55.0093 2568 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
14:05:55.0125 2568 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:05:55.0312 2568 SharedAccess - ok
14:05:55.0328 2568 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:05:55.0406 2568 ShellHWDetection - ok
14:05:55.0406 2568 Simbad - ok
14:05:55.0437 2568 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:05:55.0468 2568 SLIP - ok
14:05:55.0515 2568 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
14:05:55.0656 2568 SONYPVU1 - ok
14:05:55.0671 2568 Sparrow - ok
14:05:55.0703 2568 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:05:55.0812 2568 splitter - ok
14:05:55.0843 2568 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:05:55.0921 2568 Spooler - ok
14:05:55.0968 2568 [ 0C1DAD75274CB6E31F053CE3E08BF9C3 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
14:05:55.0968 2568 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0C1DAD75274CB6E31F053CE3E08BF9C3
14:05:55.0968 2568 sptd ( LockedFile.Multi.Generic ) - warning
14:05:55.0968 2568 sptd - detected LockedFile.Multi.Generic (1)
14:05:55.0984 2568 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:05:56.0125 2568 sr - ok
14:05:56.0156 2568 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
14:05:56.0328 2568 srservice - ok
14:05:56.0359 2568 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:05:56.0484 2568 Srv - ok
14:05:56.0515 2568 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:05:56.0640 2568 SSDPSRV - ok
14:05:56.0640 2568 StarWindServiceAE - ok
14:05:56.0671 2568 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:05:56.0843 2568 stisvc - ok
14:05:56.0859 2568 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:05:56.0906 2568 streamip - ok
14:05:56.0921 2568 stwlfbus - ok
14:05:56.0953 2568 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:05:57.0062 2568 swenum - ok
14:05:57.0093 2568 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:05:57.0234 2568 swmidi - ok
14:05:57.0234 2568 SwPrv - ok
14:05:57.0250 2568 symc810 - ok
14:05:57.0250 2568 symc8xx - ok
14:05:57.0265 2568 sym_hi - ok
14:05:57.0265 2568 sym_u3 - ok
14:05:57.0281 2568 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:05:57.0406 2568 sysaudio - ok
14:05:57.0421 2568 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:05:57.0609 2568 SysmonLog - ok
14:05:57.0671 2568 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:05:57.0828 2568 TapiSrv - ok
14:05:57.0875 2568 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:05:58.0015 2568 Tcpip - ok
14:05:58.0046 2568 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:05:58.0171 2568 TDPIPE - ok
14:05:58.0203 2568 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:05:58.0312 2568 TDTCP - ok
14:05:58.0328 2568 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:05:58.0453 2568 TermDD - ok
14:05:58.0500 2568 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
14:05:58.0703 2568 TermService - ok
14:05:58.0718 2568 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:05:58.0781 2568 Themes - ok
14:05:58.0781 2568 TosIde - ok
14:05:58.0812 2568 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:05:58.0921 2568 TrkWks - ok
14:05:58.0953 2568 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:05:59.0093 2568 Udfs - ok
14:05:59.0093 2568 ultra - ok
14:05:59.0125 2568 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:05:59.0312 2568 Update - ok
14:05:59.0328 2568 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
14:05:59.0500 2568 upnphost - ok
14:05:59.0531 2568 [ 587E643A4E2FFD9A00F114B057CEB773 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
14:05:59.0609 2568 upperdev - ok
14:05:59.0640 2568 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
14:05:59.0765 2568 UPS - ok
14:05:59.0796 2568 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:05:59.0906 2568 usbaudio - ok
14:05:59.0921 2568 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:06:00.0062 2568 usbccgp - ok
14:06:00.0078 2568 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:06:00.0203 2568 usbehci - ok
14:06:00.0234 2568 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:06:00.0375 2568 usbhub - ok
14:06:00.0390 2568 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:06:00.0500 2568 usbohci - ok
14:06:00.0531 2568 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
14:06:00.0656 2568 usbser - ok
14:06:00.0671 2568 [ FCA6A196D47CB972A0E4ADC0DB9CD17C ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
14:06:00.0765 2568 UsbserFilt - ok
14:06:00.0796 2568 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:06:00.0921 2568 USBSTOR - ok
14:06:00.0937 2568 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:06:01.0062 2568 usbvideo - ok
14:06:01.0078 2568 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
14:06:01.0218 2568 usb_rndisx - ok
14:06:01.0218 2568 VClone - ok
14:06:01.0234 2568 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:06:01.0375 2568 VgaSave - ok
14:06:01.0375 2568 ViaIde - ok
14:06:01.0390 2568 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:06:01.0531 2568 VolSnap - ok
14:06:01.0593 2568 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
14:06:01.0812 2568 VSS - ok
14:06:01.0828 2568 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
14:06:02.0000 2568 W32Time - ok
14:06:02.0046 2568 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:06:02.0171 2568 Wanarp - ok
14:06:02.0218 2568 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
14:06:02.0359 2568 Wdf01000 - ok
14:06:02.0359 2568 WDICA - ok
14:06:02.0375 2568 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:06:02.0515 2568 wdmaud - ok
14:06:02.0546 2568 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:06:02.0718 2568 WebClient - ok
14:06:02.0781 2568 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:06:02.0937 2568 winmgmt - ok
14:06:02.0968 2568 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:06:03.0093 2568 WmdmPmSN - ok
14:06:03.0125 2568 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:06:03.0281 2568 WmiApSrv - ok
14:06:03.0359 2568 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:06:03.0515 2568 WMPNetworkSvc - ok
14:06:03.0546 2568 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:06:03.0593 2568 WpdUsb - ok
14:06:03.0671 2568 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:06:03.0828 2568 WPFFontCache_v0400 - ok
14:06:03.0843 2568 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:06:04.0000 2568 wscsvc - ok
14:06:04.0015 2568 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:06:04.0046 2568 WSTCODEC - ok
14:06:04.0078 2568 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:06:04.0187 2568 wuauserv - ok
14:06:04.0234 2568 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:06:04.0312 2568 WudfPf - ok
14:06:04.0328 2568 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:06:04.0375 2568 WudfRd - ok
14:06:04.0390 2568 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:06:04.0437 2568 WudfSvc - ok
14:06:04.0484 2568 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:06:04.0687 2568 WZCSVC - ok
14:06:04.0718 2568 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:06:04.0906 2568 xmlprov - ok
14:06:04.0937 2568 ================ Scan global ===============================
14:06:04.0953 2568 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
14:06:04.0968 2568 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
14:06:05.0000 2568 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
14:06:05.0015 2568 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
14:06:05.0015 2568 [Global] - ok
14:06:05.0015 2568 ================ Scan MBR ==================================
14:06:05.0031 2568 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
14:06:05.0171 2568 \Device\Harddisk0\DR0 - ok
14:06:05.0171 2568 ================ Scan VBR ==================================
14:06:05.0187 2568 [ C4A233AA4DA20B2AB098DC15AD0C7379 ] \Device\Harddisk0\DR0\Partition1
14:06:05.0187 2568 \Device\Harddisk0\DR0\Partition1 - ok
14:06:05.0187 2568 ============================================================
14:06:05.0187 2568 Scan finished
14:06:05.0187 2568 ============================================================
14:06:05.0296 3064 Detected object count: 21
14:06:05.0296 3064 Actual detected object count: 21
14:06:12.0531 3064 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 AsAudioDevice_351 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0531 3064 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0531 3064 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0546 3064 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0546 3064 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0546 3064 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0546 3064 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0546 3064 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0546 3064 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0546 3064 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:12.0546 3064 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:06:12.0546 3064 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:06:12.0546 3064 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:06:15.0500 2088 Deinitialize success

BattleMaster33
Visitor
Posts: 21
Registered: 01 Feb 2013 14:12

Re: Rootkit

#15 Post by BattleMaster33 »

AdwCleaner log, before:

# AdwCleaner v2.109 - Logfile created 02/03/2013 at 14:35:07
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Vláďa - KOCIANOVI
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Vláďa\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Documents and Settings\Vláďa\Data aplikací\Mozilla\Firefox\Profiles\wlbxj8q0.default\searchplugins\icqplugin.xml
Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Found : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\TENCENT
Key Found : HKU\S-1-5-21-1294935756-1728218303-3573497230-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v17.0.1 (cs)

File : C:\Documents and Settings\Vláďa\Data aplikací\Mozilla\Firefox\Profiles\wlbxj8q0.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=");

File : C:\Documents and Settings\Táta\Data aplikací\Mozilla\Firefox\Profiles\pe2zffyf.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Vláďa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Táta\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Máma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2786 octets] - [03/02/2013 14:35:07]

########## EOF - C:\AdwCleaner[R1].txt - [2846 octets] ##########

Locked