Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

r.o.s.t.a.c.k.a - kontrola logu.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#136 Příspěvek od r.o.s.t.a.c.k.a »

Spíš ta základní deska, kontrolu hardisků jsem dělala a nic to nenašlo. Zítra ho zanesem do Losanu, snad to bude brzy opravené.. Do toho nám odešla TV, tak se asi budem doma koukat do zdi :lol:
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: r.o.s.t.a.c.k.a - kontrola logu.

#137 Příspěvek od Rudy »

To je pěkné. Kdyby jste nebyla ode mne 130km, koukl bych se na to. Jsem televizák původním povoláním. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#138 Příspěvek od r.o.s.t.a.c.k.a »

Tak to je opravdu škoda.. Ale tak to byste mi možná mohl trošku poradit, čím by to mohlo být a jestli má cenu ji dávat vůbec do opravy.. Sice trošku offtopic pro toto forum.. :oops:

Ve čtvrtek zničehonic vypadl obraz, fungoval jen zvuk. Při zapnutí obrazovka nereagovala, při vypnutí problikla.. V pátek, když jsme měli možnost ji dát do servisu, jsme ji zkusili a naběhla normálně. Nyní opět nefunguje. Obrazovka zřejmě rozbitá nebude, když jeden den zase fungovala, spíš nějaký kontakt? Kabely jsou všechny zapojené napevno, zkoušeli jsme, jestli není něco uvolněného.. Jen nevím, jestli se vyplatí oprava, aby to nebylo moc drahé.. Není to žádné nové LCD, je to cca 7 let stará televize, taková ta klasická velká.. Podobná bazarová se dá sehnat za dva tisíce, tak aby oprava nestála víc :o
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: r.o.s.t.a.c.k.a - kontrola logu.

#139 Příspěvek od Rudy »

Předpokládám nějaký studený spoj. Může být ve zdroji, řádkovém, nebo vertikálním rozkladu. Opravny mají sice různé ceny, ale 2tis. by taková oprava stát neměla. Problém může být i v nějaké součástce v oněch obvodech, to už se hledá obvykle hůř. Materiálově to náročné nebude, bude hlavně záležet na ceně práce. Jinak opravami (pouze) se dnes uživit nedá, takže to provozuji jen jako vedlejšák po práci. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#140 Příspěvek od r.o.s.t.a.c.k.a »

Ahoj, prosím o kontrolu logu, jestli se mi tam za tu dobu, co jsem ho nekontrolovala, nenamnožilo něco "špatného". Děkuji :)

Jinak OT - tu TV tenkrát nám opravili :)


Logfile of random's system information tool 1.09 (written by random/random)
Run by Junior at 2012-06-10 09:01:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 345 GB (72%) free of 477 GB
Total RAM: 2783 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:02:06, on 10.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Virtual Router\VirtualRouterClient.exe
C:\Users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
E:\Downloads\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={B95612A2-4 ... 2012-02-23 08:13:19&v=10.0.0.7&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PerfectSpeed.exe] C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe /tray /startrun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
O4 - Global Startup: Virtual Router Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: VirtualRouterService (Virtual Router) - Chris Pietschmann (http://pietschsoft.com) - C:\Program Files\Virtual Router\VirtualRouterService.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 8775 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
C:\Windows\tasks\KRALOPMUTV.job
C:\Windows\tasks\SlimDrivers Startup.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-28 1406248]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-08 348624]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2000-01-01 2375392]
"PerfectSpeed.exe"=C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe [2010-01-21 7365896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Facebook Update"=C:\Users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 137536]
"Google Update"=C:\Users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Virtual Router Manager.lnk - C:\Windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe

C:\Users\Junior\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-06-10 09:01:53 ----D---- C:\rsit
2012-06-10 09:01:53 ----D---- C:\Program Files\trend micro
2012-05-22 21:20:08 ----D---- C:\Program Files\1ClickDownload
2012-05-15 18:56:52 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2012-06-10 09:02:04 ----D---- C:\Windows\Prefetch
2012-06-10 09:01:57 ----D---- C:\Windows\Temp
2012-06-10 09:01:53 ----D---- C:\Program Files
2012-06-10 09:01:45 ----A---- C:\Windows\wincmd.ini
2012-06-10 07:37:31 ----D---- C:\Windows\system32\config
2012-06-10 07:35:06 ----HD---- C:\ProgramData
2012-06-10 07:33:52 ----D---- C:\Windows\system32\drivers
2012-06-10 07:33:50 ----D---- C:\Windows\inf
2012-06-10 07:33:10 ----D---- C:\Windows
2012-06-09 20:56:54 ----D---- C:\Windows\System32
2012-06-09 20:56:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-09 19:06:48 ----D---- C:\Users\Junior\AppData\Roaming\Media Player Classic
2012-06-09 19:05:00 ----D---- C:\Users\Junior\AppData\Roaming\uTorrent
2012-06-09 10:59:52 ----D---- C:\Windows\system32\NDF
2012-06-09 10:43:13 ----SHD---- C:\Windows\Installer
2012-06-09 10:43:13 ----D---- C:\Program Files\Virtual Router
2012-06-04 15:06:15 ----D---- C:\Windows\system32\catroot
2012-05-29 16:32:54 ----D---- C:\Users\Junior\AppData\Roaming\ICQ
2012-05-25 14:04:42 ----D---- C:\Windows\system32\catroot2
2012-05-25 10:05:42 ----D---- C:\Program Files\ANYDATA
2012-05-25 10:05:38 ----D---- C:\Windows\system32\DriverStore
2012-05-25 10:03:28 ----D---- C:\Program Files\Mozilla Firefox
2012-05-25 10:03:26 ----D---- C:\Users\Junior\AppData\Roaming\Mozilla
2012-05-25 10:02:47 ----D---- C:\ProgramData\Electronic Arts
2012-05-15 19:00:17 ----D---- C:\Users\Junior\AppData\Roaming\Vso
2012-05-15 19:00:17 ----D---- C:\Users\Junior\AppData\Roaming\DAEMON Tools Lite
2012-05-15 18:59:02 ----D---- C:\Windows\ModemLogs
2012-05-15 18:59:02 ----D---- C:\Windows\Logs
2012-05-15 18:59:02 ----D---- C:\Windows\debug
2012-05-14 14:00:37 ----D---- C:\Program Files\O2 Mobilni internet
2012-05-14 13:59:02 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-14 13:59:02 ----D---- C:\Program Files\Electronic Arts
2012-05-12 06:41:51 ----D---- C:\Program Files\uTorrent
2012-05-11 21:06:03 ----D---- C:\Windows\Microsoft.NET
2012-05-11 21:06:02 ----RSD---- C:\Windows\assembly
2012-05-11 13:37:25 ----D---- C:\Windows\winsxs
2012-05-11 13:35:55 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-11 04:52:29 ----D---- C:\Program Files\Windows Journal
2012-05-11 04:32:25 ----D---- C:\ProgramData\Microsoft Help
2012-05-11 04:28:00 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-19 721904]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-05-08 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-05-08 83392]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 362600]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-05-12 30312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-01-18 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-01-18 11104]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-05-12 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-05-12 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-05-12 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2010-05-12 98152]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2012-06-10 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S3 XDva392;XDva392; \??\C:\Windows\system32\XDva392.sys []
S3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-08 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-26 75136]
R2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
R2 Virtual Router;VirtualRouterService; C:\Program Files\Virtual Router\VirtualRouterService.exe [2009-11-18 12288]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: r.o.s.t.a.c.k.a - kontrola logu.

#141 Příspěvek od Rudy »

Zdravím!
Myslím, že tam něco bude. Dejte log ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware
Jinak díky za info! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#142 Příspěvek od r.o.s.t.a.c.k.a »

Tak už se mi ten log dělá přes půl hodiny.. Sice to tam píše, že to trvá, ale takhle? No, snad se to neseklo :D
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#143 Příspěvek od r.o.s.t.a.c.k.a »

Tak hotovo, snad je to kompletní, vypnula jsem předtím antivir i firewall.. Jen mi to nějak zlobilo, předtím se to fakt seklo, musela jsem PC natvrdo vypnout a spustit znovu..


ComboFix 12-06-09.02 - Junior 10.06.2012 15:02:09.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2783.1714 [GMT 2:00]
Spuštěný z: c:\users\Junior\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\desktop.ini
c:\users\Junior\AppData\Roaming\inst.exe
c:\users\Junior\AppData\Roaming\vso_ts_preview.xml
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system\VRAIDlog.dll
c:\windows\system32\DEBUG.log
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-10 do 2012-06-10 )))))))))))))))))))))))))))))))
.
.
2012-06-10 13:09 . 2012-06-10 13:09 -------- d-----w- c:\users\Junior\AppData\Local\temp
2012-06-10 13:09 . 2012-06-10 13:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-10 07:01 . 2012-06-10 07:02 -------- d-----w- C:\rsit
2012-06-10 07:01 . 2012-06-10 07:02 -------- d-----w- c:\program files\trend micro
2012-05-22 19:20 . 2012-05-30 19:38 -------- d-----w- c:\program files\1ClickDownload
2012-05-15 16:56 . 2012-05-15 16:56 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-10 12:57 . 2012-01-07 14:16 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-05-14 20:29 . 2012-05-14 20:29 3095908 ----a-w- C:\AKAIO 1.8.9z.zip
2012-05-08 18:05 . 2011-10-29 14:31 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 18:05 . 2011-10-29 14:31 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 12:42 . 2012-04-10 08:09 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 12:42 . 2011-05-31 14:46 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-01 09:39 . 2012-05-01 09:39 2450843 ----a-w- C:\ak2ifw_update_3ds4.0_dsi144.zip
2012-04-26 14:20 . 2012-04-26 14:20 27248 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2012-03-31 04:39 . 2012-05-10 18:00 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-10 18:00 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 02:36 . 2012-05-10 18:00 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 10:23 . 2012-05-10 18:00 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-17 07:27 . 2012-05-10 17:59 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Facebook Update"="c:\users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-04-12 137536]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-28 1406248]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"VIARaidUtl"="c:\program files\VIA\RAID\raid_tool.exe" [2000-01-01 2375392]
"PerfectSpeed.exe"="c:\program files\Raxco\PerfectSpeed20\PerfectSpeed.exe" [2010-01-21 7365896]
.
c:\users\Junior\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe [2012-5-17 200704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 VRAID Log Service;VRAID Log Service;c:\program files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-05-12 30312]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Classic\safedrv.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-01-18 16472]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-01-18 11104]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-05-12 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-05-12 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-05-12 121576]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2010-05-12 98152]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-06-10 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK);c:\windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
R3 ZDPSp60;ZDPSp60 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp60.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-04-19 721904]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Rx2Agent;Rx2Agent;c:\program files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 362600]
S3 Rx2Engine;Rx2Engine;c:\program files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 12:42]
.
2012-06-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
- c:\users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 05:10]
.
2012-06-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
- c:\users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 05:10]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
- c:\users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-05 08:56]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
- c:\users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-05 08:56]
.
2012-06-10 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://isearch.avg.com/?cid={B95612A2-453F-40E8-9069-7EF4AB768112}&mid=4ee290026f4847d18ba9bd2b2b7219a3-1d4d0c3038b9479e6e2a189467d1a09593a91f13&lang=cs&ds=ts024&pr=sa&d=2012-02-23 08:13&v=10.0.0.7&sap=hp
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-NPSStartup - (no file)
AddRemove-MP4 Video Converter_is1 - c:\program files\WinAVI MP4 Converter\unins000.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD50 rev.05.0 -> Harddisk0\DR0 -> \Device\0000006d
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
error: Read K dokončení požadované služby není k dispozici dostatek prostředků.
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Zepter Software\RegLib*bcead930\CloneDVDmobile/1]
"1"=dword:4d6a28e5
"2"=dword:4d9cab69
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-06-10 15:11:41
ComboFix-quarantined-files.txt 2012-06-10 13:11
.
Před spuštěním: Volných bajtů: 361 955 340 288
Po spuštění: Volných bajtů: 361 861 746 688
.
- - End Of File - - 56DC02B0BDFC96B50BBED81D855B42DC
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: r.o.s.t.a.c.k.a - kontrola logu.

#144 Příspěvek od Rudy »

1. Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Folder::
c:\users\Junior\AppData\Local\Facebook\Update

Collect::
c:\windows\system32\XDva392.sys
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job

Driver::
XDva392

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-

RegLock::
[HKEY_USERS\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Zepter Software\RegLib*bcead930\CloneDVDmobile/1]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

2. Stáhněte, rozbalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a pak sem vložte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#145 Příspěvek od r.o.s.t.a.c.k.a »

Tak jsem to udělala, napoprvé mi to shodilo celý PC a hodilo to nouzový režim, napodruhé to vyhodilo tento log:


ComboFix 12-06-09.02 - Junior 10.06.2012 19:46:20.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2783.1886 [GMT 2:00]
Spuštěný z: c:\users\Junior\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Junior\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
file zipped: c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
file zipped: c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Junior\AppData\Local\Facebook\Update
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\FacebookCrashHandler.exe
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdate.exe
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdateHelper.msi
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ar.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bg.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bn.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ca.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_cs.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_da.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_de.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_el.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en-GB.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es-419.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_et.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fa.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fi.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fil.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fr.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_gu.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hi.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hr.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hu.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_id.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_is.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_it.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_iw.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ja.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_kn.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ko.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lt.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lv.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ml.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_mr.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ms.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_nl.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_no.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_or.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pl.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-BR.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-PT.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ro.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ru.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sk.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sl.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sr.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sv.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ta.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_te.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_th.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_tr.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_uk.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ur.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_vi.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-CN.dll
c:\users\Junior\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-TW.dll
c:\users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\system32\DEBUG.log
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA392
-------\Service_XDva392
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-10 do 2012-06-10 )))))))))))))))))))))))))))))))
.
.
2012-06-10 17:55 . 2012-06-10 17:55 -------- d-----w- c:\programdata\AutoKMS
2012-06-10 17:53 . 2012-06-10 17:56 -------- d-----w- c:\users\Junior\AppData\Local\temp
2012-06-10 07:01 . 2012-06-10 07:02 -------- d-----w- C:\rsit
2012-06-10 07:01 . 2012-06-10 07:02 -------- d-----w- c:\program files\trend micro
2012-05-22 19:20 . 2012-05-30 19:38 -------- d-----w- c:\program files\1ClickDownload
2012-05-15 16:56 . 2012-05-15 16:56 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-10 17:56 . 2012-01-07 14:16 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-05-14 20:29 . 2012-05-14 20:29 3095908 ----a-w- C:\AKAIO 1.8.9z.zip
2012-05-08 18:05 . 2011-10-29 14:31 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 18:05 . 2011-10-29 14:31 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 12:42 . 2012-04-10 08:09 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 12:42 . 2011-05-31 14:46 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-01 09:39 . 2012-05-01 09:39 2450843 ----a-w- C:\ak2ifw_update_3ds4.0_dsi144.zip
2012-04-26 14:20 . 2012-04-26 14:20 27248 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2012-03-31 04:39 . 2012-05-10 18:00 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-10 18:00 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 02:36 . 2012-05-10 18:00 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 10:23 . 2012-05-10 18:00 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-17 07:27 . 2012-05-10 17:59 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-28 1406248]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"VIARaidUtl"="c:\program files\VIA\RAID\raid_tool.exe" [2000-01-01 2375392]
"PerfectSpeed.exe"="c:\program files\Raxco\PerfectSpeed20\PerfectSpeed.exe" [2010-01-21 7365896]
.
c:\users\Junior\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe [2012-5-17 200704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-05-12 30312]
R3 CFcatchme;CFcatchme;c:\users\Junior\AppData\Local\Temp\CFcatchme.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Classic\safedrv.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-01-18 16472]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-01-18 11104]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-05-12 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-05-12 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-05-12 121576]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2010-05-12 98152]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-06-10 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]
R3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK);c:\windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
R3 ZDPSp60;ZDPSp60 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp60.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-04-19 721904]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Rx2Agent;Rx2Agent;c:\program files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
S2 VRAID Log Service;VRAID Log Service;c:\program files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 362600]
S3 Rx2Engine;Rx2Engine;c:\program files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 12:42]
.
2012-06-10 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://isearch.avg.com/?cid={B95612A2-453F-40E8-9069-7EF4AB768112}&mid=4ee290026f4847d18ba9bd2b2b7219a3-1d4d0c3038b9479e6e2a189467d1a09593a91f13&lang=cs&ds=ts024&pr=sa&d=2012-02-23 08:13&v=10.0.0.7&sap=hp
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD50 rev.05.0 -> Harddisk0\DR0 -> \Device\0000006d
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
error: Read K dokončení požadované služby není k dispozici dostatek prostředků.
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Zepter Software\RegLib*bcead930\CloneDVDmobile/1]
"1"=dword:4d6a28e5
"2"=dword:4d9cab69
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\conhost.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2012-06-10 20:00:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-10 18:00
ComboFix2.txt 2012-06-10 13:11
.
Před spuštěním: Volných bajtů: 361 514 618 880
Po spuštění: Volných bajtů: 361 319 337 984
.
- - End Of File - - 6D0BA46284B598C17334400C4C48C57A
Nahr nˇ probŘhlo ŁspŘçnŘ
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#146 Příspěvek od r.o.s.t.a.c.k.a »

V tom druhém programu mi to našlo jeden soubor, mám dát přeskočit, karanténu nebo smazat?
Přílohy
Bez názvu.jpg
Bez názvu.jpg (23.99 KiB) Zobrazeno 1676 x
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#147 Příspěvek od r.o.s.t.a.c.k.a »

Omlouvám se, asi jsem dala špatný log z rsit.. Tady je správný


Logfile of random's system information tool 1.09 (written by random/random)
Run by Junior at 2012-06-10 09:01:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 345 GB (72%) free of 477 GB
Total RAM: 2783 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:02:06, on 10.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Virtual Router\VirtualRouterClient.exe
C:\Users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Junior\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
E:\Downloads\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={B95612A2-4 ... 2012-02-23 08:13:19&v=10.0.0.7&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PerfectSpeed.exe] C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe /tray /startrun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
O4 - Global Startup: Virtual Router Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: VirtualRouterService (Virtual Router) - Chris Pietschmann (http://pietschsoft.com) - C:\Program Files\Virtual Router\VirtualRouterService.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 8775 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3183601904-2497013897-3255697537-1000UA.job
C:\Windows\tasks\KRALOPMUTV.job
C:\Windows\tasks\SlimDrivers Startup.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-28 1406248]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-08 348624]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2000-01-01 2375392]
"PerfectSpeed.exe"=C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe [2010-01-21 7365896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Facebook Update"=C:\Users\Junior\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 137536]
"Google Update"=C:\Users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Virtual Router Manager.lnk - C:\Windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe

C:\Users\Junior\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Junior\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-06-10 09:01:53 ----D---- C:\rsit
2012-06-10 09:01:53 ----D---- C:\Program Files\trend micro
2012-05-22 21:20:08 ----D---- C:\Program Files\1ClickDownload
2012-05-15 18:56:52 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2012-06-10 09:02:04 ----D---- C:\Windows\Prefetch
2012-06-10 09:01:57 ----D---- C:\Windows\Temp
2012-06-10 09:01:53 ----D---- C:\Program Files
2012-06-10 09:01:45 ----A---- C:\Windows\wincmd.ini
2012-06-10 07:37:31 ----D---- C:\Windows\system32\config
2012-06-10 07:35:06 ----HD---- C:\ProgramData
2012-06-10 07:33:52 ----D---- C:\Windows\system32\drivers
2012-06-10 07:33:50 ----D---- C:\Windows\inf
2012-06-10 07:33:10 ----D---- C:\Windows
2012-06-09 20:56:54 ----D---- C:\Windows\System32
2012-06-09 20:56:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-09 19:06:48 ----D---- C:\Users\Junior\AppData\Roaming\Media Player Classic
2012-06-09 19:05:00 ----D---- C:\Users\Junior\AppData\Roaming\uTorrent
2012-06-09 10:59:52 ----D---- C:\Windows\system32\NDF
2012-06-09 10:43:13 ----SHD---- C:\Windows\Installer
2012-06-09 10:43:13 ----D---- C:\Program Files\Virtual Router
2012-06-04 15:06:15 ----D---- C:\Windows\system32\catroot
2012-05-29 16:32:54 ----D---- C:\Users\Junior\AppData\Roaming\ICQ
2012-05-25 14:04:42 ----D---- C:\Windows\system32\catroot2
2012-05-25 10:05:42 ----D---- C:\Program Files\ANYDATA
2012-05-25 10:05:38 ----D---- C:\Windows\system32\DriverStore
2012-05-25 10:03:28 ----D---- C:\Program Files\Mozilla Firefox
2012-05-25 10:03:26 ----D---- C:\Users\Junior\AppData\Roaming\Mozilla
2012-05-25 10:02:47 ----D---- C:\ProgramData\Electronic Arts
2012-05-15 19:00:17 ----D---- C:\Users\Junior\AppData\Roaming\Vso
2012-05-15 19:00:17 ----D---- C:\Users\Junior\AppData\Roaming\DAEMON Tools Lite
2012-05-15 18:59:02 ----D---- C:\Windows\ModemLogs
2012-05-15 18:59:02 ----D---- C:\Windows\Logs
2012-05-15 18:59:02 ----D---- C:\Windows\debug
2012-05-14 14:00:37 ----D---- C:\Program Files\O2 Mobilni internet
2012-05-14 13:59:02 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-14 13:59:02 ----D---- C:\Program Files\Electronic Arts
2012-05-12 06:41:51 ----D---- C:\Program Files\uTorrent
2012-05-11 21:06:03 ----D---- C:\Windows\Microsoft.NET
2012-05-11 21:06:02 ----RSD---- C:\Windows\assembly
2012-05-11 13:37:25 ----D---- C:\Windows\winsxs
2012-05-11 13:35:55 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-11 04:52:29 ----D---- C:\Program Files\Windows Journal
2012-05-11 04:32:25 ----D---- C:\ProgramData\Microsoft Help
2012-05-11 04:28:00 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-19 721904]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-05-08 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-05-08 83392]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 362600]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-05-12 30312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-01-18 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-01-18 11104]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-05-12 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-05-12 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-05-12 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2010-05-12 98152]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2012-06-10 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S3 XDva392;XDva392; \??\C:\Windows\system32\XDva392.sys []
S3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-08 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-26 75136]
R2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
R2 Virtual Router;VirtualRouterService; C:\Program Files\Virtual Router\VirtualRouterService.exe [2009-11-18 12288]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: r.o.s.t.a.c.k.a - kontrola logu.

#148 Příspěvek od Rudy »

Řešíme ComboFix, takže RSIT nepotřebuji. Ten driver patří Daemon Tools, takže přeskočte. Ještě poprosím: stáhněte, rozbalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a po skončení akce sem vložte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#149 Příspěvek od r.o.s.t.a.c.k.a »

22:59:07.0037 5860 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
22:59:07.0094 5860 ============================================================
22:59:07.0094 5860 Current date / time: 2012/06/10 22:59:07.0094
22:59:07.0094 5860 SystemInfo:
22:59:07.0094 5860
22:59:07.0094 5860 OS Version: 6.1.7601 ServicePack: 1.0
22:59:07.0094 5860 Product type: Workstation
22:59:07.0094 5860 ComputerName: JUNIOR-PC
22:59:07.0095 5860 UserName: Junior
22:59:07.0095 5860 Windows directory: C:\Windows
22:59:07.0095 5860 System windows directory: C:\Windows
22:59:07.0095 5860 Processor architecture: Intel x86
22:59:07.0095 5860 Number of processors: 2
22:59:07.0095 5860 Page size: 0x1000
22:59:07.0095 5860 Boot type: Normal boot
22:59:07.0095 5860 ============================================================
22:59:08.0189 5860 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:59:08.0197 5860 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:59:08.0211 5860 ============================================================
22:59:08.0211 5860 \Device\Harddisk1\DR1:
22:59:08.0211 5860 MBR partitions:
22:59:08.0211 5860 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
22:59:08.0211 5860 \Device\Harddisk0\DR0:
22:59:08.0211 5860 MBR partitions:
22:59:08.0211 5860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
22:59:08.0211 5860 ============================================================
22:59:08.0243 5860 C: <-> \Device\Harddisk0\DR0\Partition0
22:59:08.0277 5860 E: <-> \Device\Harddisk1\DR1\Partition0
22:59:08.0277 5860 ============================================================
22:59:08.0277 5860 Initialize success
22:59:08.0277 5860 ============================================================
22:59:13.0679 5552 ============================================================
22:59:13.0679 5552 Scan started
22:59:13.0679 5552 Mode: Manual;
22:59:13.0679 5552 ============================================================
22:59:14.0635 5552 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:59:14.0639 5552 1394ohci - ok
22:59:14.0692 5552 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:59:14.0698 5552 ACPI - ok
22:59:14.0749 5552 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:59:14.0749 5552 AcpiPmi - ok
22:59:14.0891 5552 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:59:14.0892 5552 AdobeARMservice - ok
22:59:14.0995 5552 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:59:14.0997 5552 AdobeFlashPlayerUpdateSvc - ok
22:59:15.0060 5552 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:59:15.0068 5552 adp94xx - ok
22:59:15.0111 5552 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:59:15.0117 5552 adpahci - ok
22:59:15.0133 5552 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:59:15.0136 5552 adpu320 - ok
22:59:15.0210 5552 adusbser (e4283b3de62494325818d60c638cdd51) C:\Windows\system32\DRIVERS\adusbser.sys
22:59:15.0211 5552 adusbser - ok
22:59:15.0250 5552 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:59:15.0251 5552 AeLookupSvc - ok
22:59:15.0313 5552 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:59:15.0316 5552 AFD - ok
22:59:15.0346 5552 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:59:15.0347 5552 agp440 - ok
22:59:15.0377 5552 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:59:15.0378 5552 aic78xx - ok
22:59:15.0415 5552 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:59:15.0416 5552 ALG - ok
22:59:15.0437 5552 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:59:15.0437 5552 aliide - ok
22:59:15.0491 5552 AMD External Events Utility (f970ea885aefeb1b9eb97ca7f1eb226d) C:\Windows\system32\atiesrxx.exe
22:59:15.0494 5552 AMD External Events Utility - ok
22:59:15.0577 5552 AMD FUEL Service - ok
22:59:15.0630 5552 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:59:15.0631 5552 amdagp - ok
22:59:15.0659 5552 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:59:15.0660 5552 amdide - ok
22:59:15.0678 5552 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
22:59:15.0679 5552 amdiox86 - ok
22:59:15.0725 5552 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:59:15.0726 5552 AmdK8 - ok
22:59:16.0193 5552 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
22:59:16.0245 5552 amdkmdag - ok
22:59:16.0419 5552 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
22:59:16.0421 5552 amdkmdap - ok
22:59:16.0470 5552 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
22:59:16.0471 5552 AmdLLD - ok
22:59:16.0512 5552 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:59:16.0513 5552 AmdPPM - ok
22:59:16.0558 5552 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:59:16.0559 5552 amdsata - ok
22:59:16.0605 5552 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:59:16.0608 5552 amdsbs - ok
22:59:16.0642 5552 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:59:16.0643 5552 amdxata - ok
22:59:16.0700 5552 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
22:59:16.0701 5552 androidusb - ok
22:59:16.0817 5552 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:59:16.0819 5552 AntiVirSchedulerService - ok
22:59:16.0876 5552 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:59:16.0878 5552 AntiVirService - ok
22:59:16.0914 5552 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:59:16.0915 5552 AppID - ok
22:59:16.0972 5552 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:59:16.0973 5552 AppIDSvc - ok
22:59:17.0013 5552 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:59:17.0015 5552 Appinfo - ok
22:59:17.0048 5552 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:59:17.0050 5552 arc - ok
22:59:17.0070 5552 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:59:17.0072 5552 arcsas - ok
22:59:17.0174 5552 aspnet_state (39cdcb109bf200cc8a05b9c7e6272d11) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:59:17.0176 5552 aspnet_state - ok
22:59:17.0209 5552 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:59:17.0209 5552 AsyncMac - ok
22:59:17.0274 5552 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:59:17.0275 5552 atapi - ok
22:59:17.0370 5552 athrusb (44fa26470d4c8123ccf71f4200b782d3) C:\Windows\system32\DRIVERS\athrusb.sys
22:59:17.0377 5552 athrusb - ok
22:59:17.0450 5552 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys
22:59:17.0450 5552 AtiHDAudioService - ok
22:59:17.0945 5552 atikmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
22:59:18.0005 5552 atikmdag - ok
22:59:18.0168 5552 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:59:18.0171 5552 AudioEndpointBuilder - ok
22:59:18.0178 5552 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:59:18.0182 5552 Audiosrv - ok
22:59:18.0288 5552 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
22:59:18.0289 5552 avgntflt - ok
22:59:18.0339 5552 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
22:59:18.0342 5552 avipbb - ok
22:59:18.0365 5552 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
22:59:18.0367 5552 avkmgr - ok
22:59:18.0421 5552 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:59:18.0423 5552 AxInstSV - ok
22:59:18.0491 5552 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:59:18.0498 5552 b06bdrv - ok
22:59:18.0567 5552 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:59:18.0571 5552 b57nd60x - ok
22:59:18.0629 5552 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:59:18.0632 5552 BDESVC - ok
22:59:18.0646 5552 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:59:18.0648 5552 Beep - ok
22:59:18.0712 5552 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:59:18.0716 5552 BFE - ok
22:59:18.0776 5552 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
22:59:18.0783 5552 BITS - ok
22:59:18.0804 5552 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:59:18.0805 5552 blbdrive - ok
22:59:18.0841 5552 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:59:18.0842 5552 bowser - ok
22:59:18.0856 5552 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:59:18.0857 5552 BrFiltLo - ok
22:59:18.0877 5552 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:59:18.0877 5552 BrFiltUp - ok
22:59:18.0909 5552 Bridge (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
22:59:18.0910 5552 Bridge - ok
22:59:18.0919 5552 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
22:59:18.0920 5552 BridgeMP - ok
22:59:18.0960 5552 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:59:18.0961 5552 Browser - ok
22:59:18.0989 5552 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:59:18.0991 5552 Brserid - ok
22:59:19.0005 5552 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:59:19.0006 5552 BrSerWdm - ok
22:59:19.0018 5552 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:59:19.0018 5552 BrUsbMdm - ok
22:59:19.0030 5552 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:59:19.0031 5552 BrUsbSer - ok
22:59:19.0047 5552 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:59:19.0048 5552 BTHMODEM - ok
22:59:19.0074 5552 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:59:19.0075 5552 bthserv - ok
22:59:19.0176 5552 catchme - ok
22:59:19.0219 5552 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:59:19.0220 5552 cdfs - ok
22:59:19.0264 5552 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:59:19.0265 5552 cdrom - ok
22:59:19.0291 5552 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:59:19.0293 5552 CertPropSvc - ok
22:59:19.0335 5552 CFcatchme - ok
22:59:19.0350 5552 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:59:19.0350 5552 circlass - ok
22:59:19.0378 5552 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:59:19.0380 5552 CLFS - ok
22:59:19.0450 5552 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:59:19.0451 5552 clr_optimization_v2.0.50727_32 - ok
22:59:19.0560 5552 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:59:19.0563 5552 clr_optimization_v4.0.30319_32 - ok
22:59:19.0585 5552 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:59:19.0586 5552 CmBatt - ok
22:59:19.0621 5552 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:59:19.0622 5552 cmdide - ok
22:59:19.0673 5552 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
22:59:19.0677 5552 CNG - ok
22:59:19.0697 5552 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:59:19.0698 5552 Compbatt - ok
22:59:19.0742 5552 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:59:19.0742 5552 CompositeBus - ok
22:59:19.0757 5552 COMSysApp - ok
22:59:19.0776 5552 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:59:19.0776 5552 crcdisk - ok
22:59:19.0825 5552 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
22:59:19.0826 5552 CryptSvc - ok
22:59:19.0866 5552 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:59:19.0870 5552 DcomLaunch - ok
22:59:19.0930 5552 DefragFS (292e9ec82df08cbdd1cc51d963f38248) C:\Windows\system32\drivers\DefragFS.sys
22:59:19.0931 5552 DefragFS - ok
22:59:19.0970 5552 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:59:19.0972 5552 defragsvc - ok
22:59:20.0006 5552 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:59:20.0007 5552 DfsC - ok
22:59:20.0054 5552 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:59:20.0057 5552 Dhcp - ok
22:59:20.0071 5552 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:59:20.0072 5552 discache - ok
22:59:20.0103 5552 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:59:20.0103 5552 Disk - ok
22:59:20.0143 5552 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:59:20.0144 5552 Dnscache - ok
22:59:20.0179 5552 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:59:20.0182 5552 dot3svc - ok
22:59:20.0212 5552 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:59:20.0214 5552 DPS - ok
22:59:20.0250 5552 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:59:20.0252 5552 drmkaud - ok
22:59:20.0318 5552 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:59:20.0323 5552 dtsoftbus01 - ok
22:59:20.0406 5552 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:59:20.0416 5552 DXGKrnl - ok
22:59:20.0461 5552 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:59:20.0463 5552 EapHost - ok
22:59:20.0616 5552 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:59:20.0635 5552 ebdrv - ok
22:59:20.0766 5552 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:59:20.0768 5552 EFS - ok
22:59:20.0841 5552 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:59:20.0844 5552 ehRecvr - ok
22:59:20.0884 5552 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:59:20.0885 5552 ehSched - ok
22:59:20.0970 5552 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:59:20.0978 5552 elxstor - ok
22:59:21.0016 5552 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:59:21.0017 5552 ErrDev - ok
22:59:21.0055 5552 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:59:21.0059 5552 EventSystem - ok
22:59:21.0083 5552 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:59:21.0085 5552 exfat - ok
22:59:21.0109 5552 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:59:21.0111 5552 fastfat - ok
22:59:21.0180 5552 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:59:21.0186 5552 Fax - ok
22:59:21.0218 5552 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:59:21.0219 5552 fdc - ok
22:59:21.0230 5552 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:59:21.0232 5552 fdPHost - ok
22:59:21.0244 5552 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:59:21.0245 5552 FDResPub - ok
22:59:21.0260 5552 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:59:21.0261 5552 FileInfo - ok
22:59:21.0281 5552 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:59:21.0282 5552 Filetrace - ok
22:59:21.0286 5552 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:59:21.0287 5552 flpydisk - ok
22:59:21.0311 5552 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:59:21.0312 5552 FltMgr - ok
22:59:21.0381 5552 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
22:59:21.0386 5552 FontCache - ok
22:59:21.0490 5552 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:59:21.0492 5552 FontCache3.0.0.0 - ok
22:59:21.0510 5552 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:59:21.0511 5552 FsDepends - ok
22:59:21.0550 5552 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
22:59:21.0551 5552 FsUsbExDisk - ok
22:59:21.0591 5552 FsUsbExService (96633419f4a1e37acb89b45ebccfe001) C:\Windows\system32\FsUsbExService.Exe
22:59:21.0594 5552 FsUsbExService - ok
22:59:21.0631 5552 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:59:21.0632 5552 Fs_Rec - ok
22:59:21.0677 5552 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:59:21.0681 5552 fvevol - ok
22:59:21.0718 5552 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:59:21.0719 5552 gagp30kx - ok
22:59:21.0807 5552 GGSAFERDriver - ok
22:59:21.0872 5552 ggsemc (9acdecca8fa4fefd6b4c4c423dc8ada5) C:\Windows\system32\DRIVERS\ggsemc.sys
22:59:21.0873 5552 ggsemc - ok
22:59:21.0887 5552 GMSIPCI - ok
22:59:21.0946 5552 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:59:21.0952 5552 gpsvc - ok
22:59:21.0972 5552 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:59:21.0973 5552 hcw85cir - ok
22:59:22.0049 5552 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:59:22.0051 5552 HdAudAddService - ok
22:59:22.0089 5552 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:59:22.0090 5552 HDAudBus - ok
22:59:22.0108 5552 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:59:22.0109 5552 HidBatt - ok
22:59:22.0148 5552 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:59:22.0149 5552 HidBth - ok
22:59:22.0175 5552 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:59:22.0176 5552 HidIr - ok
22:59:22.0200 5552 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
22:59:22.0200 5552 hidserv - ok
22:59:22.0254 5552 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:59:22.0254 5552 HidUsb - ok
22:59:22.0290 5552 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:59:22.0292 5552 hkmsvc - ok
22:59:22.0331 5552 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:59:22.0333 5552 HomeGroupListener - ok
22:59:22.0369 5552 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:59:22.0372 5552 HomeGroupProvider - ok
22:59:22.0411 5552 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:59:22.0412 5552 HpSAMD - ok
22:59:22.0474 5552 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:59:22.0478 5552 HTTP - ok
22:59:22.0482 5552 Huawei - ok
22:59:22.0491 5552 hwdatacard - ok
22:59:22.0534 5552 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:59:22.0534 5552 hwpolicy - ok
22:59:22.0580 5552 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:59:22.0581 5552 i8042prt - ok
22:59:22.0617 5552 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:59:22.0619 5552 iaStorV - ok
22:59:22.0762 5552 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:59:22.0772 5552 idsvc - ok
22:59:22.0899 5552 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:59:22.0900 5552 iirsp - ok
22:59:22.0959 5552 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:59:22.0966 5552 IKEEXT - ok
22:59:22.0984 5552 IntcAzAudAddService - ok
22:59:23.0000 5552 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:59:23.0000 5552 intelide - ok
22:59:23.0034 5552 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:59:23.0034 5552 intelppm - ok
22:59:23.0072 5552 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:59:23.0074 5552 IPBusEnum - ok
22:59:23.0092 5552 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:59:23.0093 5552 IpFilterDriver - ok
22:59:23.0198 5552 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:59:23.0204 5552 iphlpsvc - ok
22:59:23.0235 5552 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:59:23.0237 5552 IPMIDRV - ok
22:59:23.0257 5552 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:59:23.0259 5552 IPNAT - ok
22:59:23.0282 5552 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:59:23.0283 5552 IRENUM - ok
22:59:23.0310 5552 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:59:23.0311 5552 isapnp - ok
22:59:23.0352 5552 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:59:23.0354 5552 iScsiPrt - ok
22:59:23.0382 5552 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:59:23.0384 5552 kbdclass - ok
22:59:23.0429 5552 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:59:23.0432 5552 kbdhid - ok
22:59:23.0467 5552 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:59:23.0471 5552 KeyIso - ok
22:59:23.0486 5552 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
22:59:23.0489 5552 KSecDD - ok
22:59:23.0519 5552 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
22:59:23.0521 5552 KSecPkg - ok
22:59:23.0563 5552 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:59:23.0600 5552 KtmRm - ok
22:59:23.0642 5552 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
22:59:23.0647 5552 LanmanServer - ok
22:59:23.0696 5552 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:59:23.0700 5552 LanmanWorkstation - ok
22:59:23.0743 5552 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:59:23.0745 5552 lltdio - ok
22:59:23.0778 5552 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:59:23.0795 5552 lltdsvc - ok
22:59:23.0830 5552 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:59:23.0833 5552 lmhosts - ok
22:59:23.0867 5552 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:59:23.0869 5552 LSI_FC - ok
22:59:23.0895 5552 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:59:23.0897 5552 LSI_SAS - ok
22:59:23.0914 5552 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:59:23.0916 5552 LSI_SAS2 - ok
22:59:23.0939 5552 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:59:23.0940 5552 LSI_SCSI - ok
22:59:23.0972 5552 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:59:23.0974 5552 luafv - ok
22:59:24.0017 5552 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:59:24.0021 5552 Mcx2Svc - ok
22:59:24.0034 5552 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:59:24.0035 5552 megasas - ok
22:59:24.0061 5552 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:59:24.0076 5552 MegaSR - ok
22:59:24.0177 5552 Microsoft SharePoint Workspace Audit Service - ok
22:59:24.0215 5552 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:59:24.0217 5552 MMCSS - ok
22:59:24.0229 5552 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:59:24.0230 5552 Modem - ok
22:59:24.0274 5552 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:59:24.0275 5552 monitor - ok
22:59:24.0319 5552 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:59:24.0320 5552 mouclass - ok
22:59:24.0332 5552 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:59:24.0333 5552 mouhid - ok
22:59:24.0369 5552 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:59:24.0370 5552 mountmgr - ok
22:59:24.0406 5552 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:59:24.0407 5552 mpio - ok
22:59:24.0425 5552 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:59:24.0427 5552 mpsdrv - ok
22:59:24.0492 5552 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:59:24.0555 5552 MpsSvc - ok
22:59:24.0627 5552 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:59:24.0631 5552 MRxDAV - ok
22:59:24.0675 5552 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:59:24.0679 5552 mrxsmb - ok
22:59:24.0719 5552 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:59:24.0723 5552 mrxsmb10 - ok
22:59:24.0745 5552 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:59:24.0748 5552 mrxsmb20 - ok
22:59:24.0786 5552 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:59:24.0787 5552 msahci - ok
22:59:24.0820 5552 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:59:24.0821 5552 msdsm - ok
22:59:24.0855 5552 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:59:24.0859 5552 MSDTC - ok
22:59:24.0900 5552 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:59:24.0901 5552 Msfs - ok
22:59:24.0921 5552 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:59:24.0921 5552 mshidkmdf - ok
22:59:24.0956 5552 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:59:24.0957 5552 msisadrv - ok
22:59:24.0999 5552 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:59:25.0003 5552 MSiSCSI - ok
22:59:25.0007 5552 msiserver - ok
22:59:25.0040 5552 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:59:25.0041 5552 MSKSSRV - ok
22:59:25.0068 5552 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:59:25.0069 5552 MSPCLOCK - ok
22:59:25.0080 5552 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:59:25.0082 5552 MSPQM - ok
22:59:25.0114 5552 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:59:25.0117 5552 MsRPC - ok
22:59:25.0137 5552 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:59:25.0138 5552 mssmbios - ok
22:59:25.0155 5552 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:59:25.0156 5552 MSTEE - ok
22:59:25.0173 5552 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:59:25.0174 5552 MTConfig - ok
22:59:25.0188 5552 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:59:25.0189 5552 Mup - ok
22:59:25.0211 5552 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:59:25.0225 5552 napagent - ok
22:59:25.0274 5552 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:59:25.0276 5552 NativeWifiP - ok
22:59:25.0417 5552 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
22:59:25.0421 5552 NAUpdate - ok
22:59:25.0479 5552 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:59:25.0484 5552 NDIS - ok
22:59:25.0495 5552 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:59:25.0496 5552 NdisCap - ok
22:59:25.0524 5552 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:59:25.0526 5552 NdisTapi - ok
22:59:25.0569 5552 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:59:25.0572 5552 Ndisuio - ok
22:59:25.0608 5552 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:59:25.0612 5552 NdisWan - ok
22:59:25.0650 5552 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:59:25.0653 5552 NDProxy - ok
22:59:25.0671 5552 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:59:25.0673 5552 NetBIOS - ok
22:59:25.0718 5552 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:59:25.0721 5552 NetBT - ok
22:59:25.0755 5552 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:59:25.0758 5552 Netlogon - ok
22:59:25.0829 5552 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:59:25.0834 5552 Netman - ok
22:59:25.0867 5552 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:59:25.0873 5552 netprofm - ok
22:59:25.0974 5552 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:59:25.0976 5552 NetTcpPortSharing - ok
22:59:26.0009 5552 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:59:26.0011 5552 nfrd960 - ok
22:59:26.0037 5552 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:59:26.0042 5552 NlaSvc - ok
22:59:26.0051 5552 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:59:26.0053 5552 Npfs - ok
22:59:26.0077 5552 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:59:26.0080 5552 nsi - ok
22:59:26.0098 5552 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:59:26.0099 5552 nsiproxy - ok
22:59:26.0224 5552 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:59:26.0242 5552 Ntfs - ok
22:59:26.0621 5552 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:59:26.0623 5552 Null - ok
22:59:27.0293 5552 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:59:27.0452 5552 nvlddmkm - ok
22:59:27.0616 5552 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:59:27.0620 5552 nvraid - ok
22:59:27.0661 5552 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:59:27.0664 5552 nvstor - ok
22:59:27.0716 5552 nvsvc (4ed813efd77a9b7e57e341cdc1c5cbc4) C:\Windows\system32\nvvsvc.exe
22:59:27.0724 5552 nvsvc - ok
22:59:27.0747 5552 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:59:27.0750 5552 nv_agp - ok
22:59:27.0785 5552 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:59:27.0787 5552 ohci1394 - ok
22:59:27.0890 5552 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:59:27.0893 5552 ose - ok
22:59:28.0175 5552 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:59:28.0200 5552 osppsvc - ok
22:59:28.0288 5552 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:59:28.0304 5552 p2pimsvc - ok
22:59:28.0346 5552 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:59:28.0361 5552 p2psvc - ok
22:59:28.0430 5552 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:59:28.0432 5552 Parport - ok
22:59:28.0475 5552 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:59:28.0476 5552 partmgr - ok
22:59:28.0487 5552 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:59:28.0488 5552 Parvdm - ok
22:59:28.0510 5552 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:59:28.0513 5552 PcaSvc - ok
22:59:28.0549 5552 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:59:28.0551 5552 pci - ok
22:59:28.0578 5552 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:59:28.0578 5552 pciide - ok
22:59:28.0606 5552 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:59:28.0609 5552 pcmcia - ok
22:59:28.0624 5552 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:59:28.0625 5552 pcw - ok
22:59:28.0659 5552 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:59:28.0662 5552 PEAUTH - ok
22:59:28.0796 5552 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:59:28.0835 5552 pla - ok
22:59:28.0941 5552 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:59:28.0947 5552 PlugPlay - ok
22:59:28.0996 5552 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
22:59:28.0999 5552 PnkBstrA - ok
22:59:29.0026 5552 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:59:29.0029 5552 PNRPAutoReg - ok
22:59:29.0056 5552 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:59:29.0060 5552 PNRPsvc - ok
22:59:29.0095 5552 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:59:29.0108 5552 PolicyAgent - ok
22:59:29.0139 5552 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:59:29.0143 5552 Power - ok
22:59:29.0209 5552 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:59:29.0211 5552 PptpMiniport - ok
22:59:29.0231 5552 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:59:29.0233 5552 Processor - ok
22:59:29.0279 5552 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:59:29.0283 5552 ProfSvc - ok
22:59:29.0311 5552 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:59:29.0313 5552 ProtectedStorage - ok
22:59:29.0357 5552 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:59:29.0359 5552 Psched - ok
22:59:29.0397 5552 pwdrvio (681ae4f1927fe0fdeee2863f1684088d) C:\Windows\system32\pwdrvio.sys
22:59:29.0403 5552 pwdrvio - ok
22:59:29.0461 5552 pwdspio (bc60895ce021309ebd887d2f22055654) C:\Windows\system32\pwdspio.sys
22:59:29.0468 5552 pwdspio - ok
22:59:29.0578 5552 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:59:29.0615 5552 ql2300 - ok
22:59:29.0742 5552 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:59:29.0744 5552 ql40xx - ok
22:59:29.0781 5552 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:59:29.0798 5552 QWAVE - ok
22:59:29.0838 5552 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:59:29.0840 5552 QWAVEdrv - ok
22:59:29.0859 5552 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:59:29.0861 5552 RasAcd - ok
22:59:29.0906 5552 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:59:29.0908 5552 RasAgileVpn - ok
22:59:29.0926 5552 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:59:29.0946 5552 RasAuto - ok
22:59:29.0971 5552 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:59:29.0974 5552 Rasl2tp - ok
22:59:30.0030 5552 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:59:30.0035 5552 RasMan - ok
22:59:30.0051 5552 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:59:30.0053 5552 RasPppoe - ok
22:59:30.0081 5552 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:59:30.0083 5552 RasSstp - ok
22:59:30.0129 5552 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:59:30.0131 5552 rdbss - ok
22:59:30.0151 5552 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:59:30.0152 5552 rdpbus - ok
22:59:30.0181 5552 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:59:30.0181 5552 RDPCDD - ok
22:59:30.0209 5552 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:59:30.0209 5552 RDPENCDD - ok
22:59:30.0229 5552 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:59:30.0229 5552 RDPREFMP - ok
22:59:30.0269 5552 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
22:59:30.0272 5552 RDPWD - ok
22:59:30.0309 5552 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:59:30.0311 5552 rdyboost - ok
22:59:30.0344 5552 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:59:30.0347 5552 RemoteAccess - ok
22:59:30.0367 5552 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:59:30.0371 5552 RemoteRegistry - ok
22:59:30.0408 5552 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:59:30.0410 5552 RpcEptMapper - ok
22:59:30.0444 5552 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:59:30.0446 5552 RpcLocator - ok
22:59:30.0499 5552 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:59:30.0503 5552 RpcSs - ok
22:59:30.0519 5552 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:59:30.0521 5552 rspndr - ok
22:59:30.0562 5552 RTL8023xp (4a9f49d1b7e67f7ab9595b61126e81fd) C:\Windows\system32\DRIVERS\Rtnicxp.sys
22:59:30.0563 5552 RTL8023xp - ok
22:59:30.0617 5552 RTL8167 (e099d23ee1bbce0cf5745f811f3b1882) C:\Windows\system32\DRIVERS\Rt86win7.sys
22:59:30.0640 5552 RTL8167 - ok
22:59:30.0794 5552 Rx2Agent (0a61445a4a4b0e479e89198349b1bc0d) C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
22:59:30.0822 5552 Rx2Agent - ok
22:59:30.0931 5552 Rx2Engine (4c1175ec46033e8d52cc467aec4dde64) C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
22:59:30.0946 5552 Rx2Engine - ok
22:59:31.0067 5552 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:59:31.0069 5552 SamSs - ok
22:59:31.0166 5552 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:59:31.0168 5552 sbp2port - ok
22:59:31.0203 5552 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:59:31.0212 5552 SCardSvr - ok
22:59:31.0247 5552 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:59:31.0249 5552 scfilter - ok
22:59:31.0325 5552 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:59:31.0343 5552 Schedule - ok
22:59:31.0393 5552 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:59:31.0395 5552 SCPolicySvc - ok
22:59:31.0441 5552 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:59:31.0460 5552 SDRSVC - ok
22:59:31.0503 5552 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:59:31.0504 5552 secdrv - ok
22:59:31.0516 5552 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:59:31.0520 5552 seclogon - ok
22:59:31.0547 5552 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
22:59:31.0551 5552 SENS - ok
22:59:31.0567 5552 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:59:31.0572 5552 SensrSvc - ok
22:59:31.0600 5552 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:59:31.0601 5552 Serenum - ok
22:59:31.0637 5552 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:59:31.0639 5552 Serial - ok
22:59:31.0667 5552 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:59:31.0669 5552 sermouse - ok
22:59:31.0724 5552 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:59:31.0729 5552 SessionEnv - ok
22:59:31.0804 5552 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:59:31.0807 5552 sffdisk - ok
22:59:31.0824 5552 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:59:31.0825 5552 sffp_mmc - ok
22:59:31.0845 5552 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:59:31.0847 5552 sffp_sd - ok
22:59:31.0864 5552 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:59:31.0864 5552 sfloppy - ok
22:59:31.0920 5552 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:59:31.0925 5552 SharedAccess - ok
22:59:31.0973 5552 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:59:31.0978 5552 ShellHWDetection - ok
22:59:32.0010 5552 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:59:32.0011 5552 sisagp - ok
22:59:32.0042 5552 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:59:32.0043 5552 SiSRaid2 - ok
22:59:32.0066 5552 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:59:32.0068 5552 SiSRaid4 - ok
22:59:32.0106 5552 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:59:32.0108 5552 Smb - ok
22:59:32.0143 5552 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:59:32.0147 5552 SNMPTRAP - ok
22:59:32.0266 5552 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
22:59:32.0269 5552 Sony PC Companion - ok
22:59:32.0295 5552 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:59:32.0296 5552 spldr - ok
22:59:32.0343 5552 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:59:32.0357 5552 Spooler - ok
22:59:32.0528 5552 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:59:32.0547 5552 sppsvc - ok
22:59:32.0674 5552 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:59:32.0677 5552 sppuinotify - ok
22:59:32.0813 5552 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
22:59:32.0814 5552 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
22:59:32.0818 5552 sptd ( LockedFile.Multi.Generic ) - warning
22:59:32.0819 5552 sptd - detected LockedFile.Multi.Generic (1)
22:59:32.0858 5552 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:59:32.0861 5552 srv - ok
22:59:32.0887 5552 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:59:32.0889 5552 srv2 - ok
22:59:32.0901 5552 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:59:32.0902 5552 srvnet - ok
22:59:32.0953 5552 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\Windows\system32\DRIVERS\ssadbus.sys
22:59:32.0955 5552 ssadbus - ok
22:59:32.0982 5552 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:59:32.0983 5552 ssadmdfl - ok
22:59:33.0017 5552 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\Windows\system32\DRIVERS\ssadmdm.sys
22:59:33.0019 5552 ssadmdm - ok
22:59:33.0055 5552 ssadserd (28f893c9b4e98dee5ae3c24db56b1b11) C:\Windows\system32\DRIVERS\ssadserd.sys
22:59:33.0057 5552 ssadserd - ok
22:59:33.0095 5552 sscdbus (ffe42941e0326c322f40b0b79a46493c) C:\Windows\system32\DRIVERS\sscdbus.sys
22:59:33.0097 5552 sscdbus - ok
22:59:33.0143 5552 sscdmdfl (a68e7d87adfbb8c50d88cd58230c6819) C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:59:33.0146 5552 sscdmdfl - ok
22:59:33.0176 5552 sscdmdm (b534b24151281856ec2f69ed3d6d60dd) C:\Windows\system32\DRIVERS\sscdmdm.sys
22:59:33.0182 5552 sscdmdm - ok
22:59:33.0230 5552 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:59:33.0239 5552 SSDPSRV - ok
22:59:33.0295 5552 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:59:33.0298 5552 ssmdrv - ok
22:59:33.0317 5552 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:59:33.0325 5552 SstpSvc - ok
22:59:33.0362 5552 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
22:59:33.0364 5552 ss_bbus - ok
22:59:33.0398 5552 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
22:59:33.0400 5552 ss_bmdfl - ok
22:59:33.0431 5552 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
22:59:33.0434 5552 ss_bmdm - ok
22:59:33.0462 5552 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:59:33.0463 5552 stexstor - ok
22:59:33.0522 5552 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:59:33.0530 5552 StiSvc - ok
22:59:33.0596 5552 SWDUMon (6ed7abf6cb1e6ec0debb53e0f104ed64) C:\Windows\system32\DRIVERS\SWDUMon.sys
22:59:33.0598 5552 SWDUMon - ok
22:59:33.0634 5552 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:59:33.0635 5552 swenum - ok
22:59:33.0656 5552 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:59:33.0661 5552 swprv - ok
22:59:33.0747 5552 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:59:33.0761 5552 SysMain - ok
22:59:33.0795 5552 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:59:33.0799 5552 TabletInputService - ok
22:59:33.0847 5552 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:59:33.0852 5552 TapiSrv - ok
22:59:33.0862 5552 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:59:33.0866 5552 TBS - ok
22:59:34.0032 5552 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:59:34.0049 5552 Tcpip - ok
22:59:34.0211 5552 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:59:34.0219 5552 TCPIP6 - ok
22:59:34.0301 5552 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:59:34.0303 5552 tcpipreg - ok
22:59:34.0334 5552 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:59:34.0335 5552 TDPIPE - ok
22:59:34.0362 5552 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:59:34.0363 5552 TDTCP - ok
22:59:34.0401 5552 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:59:34.0403 5552 tdx - ok
22:59:34.0439 5552 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:59:34.0441 5552 TermDD - ok
22:59:34.0495 5552 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:59:34.0543 5552 TermService - ok
22:59:34.0567 5552 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:59:34.0575 5552 Themes - ok
22:59:34.0616 5552 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:59:34.0620 5552 THREADORDER - ok
22:59:34.0673 5552 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:59:34.0681 5552 TrkWks - ok
22:59:34.0753 5552 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:59:34.0757 5552 TrustedInstaller - ok
22:59:34.0783 5552 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:59:34.0785 5552 tssecsrv - ok
22:59:34.0838 5552 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:59:34.0840 5552 TsUsbFlt - ok
22:59:34.0884 5552 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:59:34.0887 5552 tunnel - ok
22:59:34.0920 5552 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:59:34.0922 5552 uagp35 - ok
22:59:34.0963 5552 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:59:34.0966 5552 udfs - ok
22:59:34.0990 5552 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:59:34.0994 5552 UI0Detect - ok
22:59:35.0019 5552 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:59:35.0021 5552 uliagpkx - ok
22:59:35.0062 5552 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:59:35.0064 5552 umbus - ok
22:59:35.0099 5552 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:59:35.0100 5552 UmPass - ok
22:59:35.0132 5552 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:59:35.0139 5552 upnphost - ok
22:59:35.0160 5552 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
22:59:35.0162 5552 usbccgp - ok
22:59:35.0192 5552 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:59:35.0194 5552 usbcir - ok
22:59:35.0208 5552 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
22:59:35.0209 5552 usbehci - ok
22:59:35.0237 5552 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
22:59:35.0239 5552 usbhub - ok
22:59:35.0256 5552 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
22:59:35.0257 5552 usbohci - ok
22:59:35.0271 5552 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:59:35.0273 5552 usbprint - ok
22:59:35.0288 5552 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:59:35.0290 5552 USBSTOR - ok
22:59:35.0309 5552 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
22:59:35.0310 5552 usbuhci - ok
22:59:35.0325 5552 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:59:35.0327 5552 UxSms - ok
22:59:35.0355 5552 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:59:35.0357 5552 VaultSvc - ok
22:59:35.0371 5552 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:59:35.0372 5552 vdrvroot - ok
22:59:35.0431 5552 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:59:35.0443 5552 vds - ok
22:59:35.0464 5552 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:59:35.0466 5552 vga - ok
22:59:35.0471 5552 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:59:35.0473 5552 VgaSave - ok
22:59:35.0510 5552 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:59:35.0513 5552 vhdmp - ok
22:59:35.0528 5552 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:59:35.0530 5552 viaagp - ok
22:59:35.0545 5552 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:59:35.0547 5552 ViaC7 - ok
22:59:35.0576 5552 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:59:35.0577 5552 viaide - ok
22:59:35.0614 5552 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:59:35.0615 5552 volmgr - ok
22:59:35.0640 5552 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:59:35.0642 5552 volmgrx - ok
22:59:35.0660 5552 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:59:35.0662 5552 volsnap - ok
22:59:35.0730 5552 VRAID Log Service (4775579d1ae9c881a6f2f7739858e7cd) C:\Program Files\VIA\RAID\vialogsv.exe
22:59:35.0731 5552 VRAID Log Service - ok
22:59:35.0761 5552 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:59:35.0764 5552 vsmraid - ok
22:59:35.0864 5552 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:59:35.0881 5552 VSS - ok
22:59:35.0897 5552 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:59:35.0898 5552 vwifibus - ok
22:59:35.0955 5552 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:59:35.0970 5552 W32Time - ok
22:59:35.0994 5552 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:59:35.0995 5552 WacomPen - ok
22:59:36.0035 5552 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:59:36.0037 5552 WANARP - ok
22:59:36.0041 5552 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:59:36.0042 5552 Wanarpv6 - ok
22:59:36.0165 5552 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
22:59:36.0192 5552 WatAdminSvc - ok
22:59:36.0368 5552 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:59:36.0427 5552 wbengine - ok
22:59:36.0453 5552 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:59:36.0473 5552 WbioSrvc - ok
22:59:36.0521 5552 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:59:36.0535 5552 wcncsvc - ok
22:59:36.0555 5552 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:59:36.0560 5552 WcsPlugInService - ok
22:59:36.0620 5552 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:59:36.0621 5552 Wd - ok
22:59:36.0659 5552 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:59:36.0662 5552 Wdf01000 - ok
22:59:36.0681 5552 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:59:36.0685 5552 WdiServiceHost - ok
22:59:36.0690 5552 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:59:36.0694 5552 WdiSystemHost - ok
22:59:36.0731 5552 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:59:36.0748 5552 WebClient - ok
22:59:36.0764 5552 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:59:36.0769 5552 Wecsvc - ok
22:59:36.0779 5552 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:59:36.0782 5552 wercplsupport - ok
22:59:36.0816 5552 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:59:36.0819 5552 WerSvc - ok
22:59:36.0846 5552 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:59:36.0847 5552 WfpLwf - ok
22:59:36.0859 5552 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:59:36.0860 5552 WIMMount - ok
22:59:36.0968 5552 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:59:36.0986 5552 WinDefend - ok
22:59:36.0993 5552 WinHttpAutoProxySvc - ok
22:59:37.0052 5552 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:59:37.0053 5552 Winmgmt - ok
22:59:37.0138 5552 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:59:37.0152 5552 WinRM - ok
22:59:37.0210 5552 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
22:59:37.0211 5552 WinUSB - ok
22:59:37.0284 5552 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:59:37.0293 5552 Wlansvc - ok
22:59:37.0319 5552 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:59:37.0320 5552 WmiAcpi - ok
22:59:37.0344 5552 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:59:37.0347 5552 wmiApSrv - ok
22:59:37.0420 5552 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:59:37.0427 5552 WMPNetworkSvc - ok
22:59:37.0544 5552 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:59:37.0553 5552 WPCSvc - ok
22:59:37.0598 5552 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:59:37.0603 5552 WPDBusEnum - ok
22:59:37.0637 5552 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:59:37.0638 5552 ws2ifsl - ok
22:59:37.0654 5552 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
22:59:37.0659 5552 wscsvc - ok
22:59:37.0664 5552 WSearch - ok
22:59:37.0784 5552 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
22:59:37.0819 5552 wuauserv - ok
22:59:37.0898 5552 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:59:37.0900 5552 WudfPf - ok
22:59:37.0949 5552 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:59:37.0950 5552 WUDFRd - ok
22:59:37.0998 5552 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:59:38.0001 5552 wudfsvc - ok
22:59:38.0048 5552 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:59:38.0065 5552 WwanSvc - ok
22:59:38.0138 5552 ZD1211BU(TP-LINK) (d125e1445bb9dc951c250d4192e70841) C:\Windows\system32\DRIVERS\zd1211Bu.sys
22:59:38.0156 5552 ZD1211BU(TP-LINK) - ok
22:59:38.0190 5552 ZDPSp60 - ok
22:59:38.0800 5552 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk1\DR1
22:59:38.0803 5552 \Device\Harddisk1\DR1 - ok
22:59:38.0819 5552 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:59:39.0185 5552 \Device\Harddisk0\DR0 - ok
22:59:39.0189 5552 Boot (0x1200) (3edd9ff2dc70e91f4d9441177ac7a2de) \Device\Harddisk1\DR1\Partition0
22:59:39.0191 5552 \Device\Harddisk1\DR1\Partition0 - ok
22:59:39.0196 5552 Boot (0x1200) (4d17e3aac638bf1bd503bc314584e546) \Device\Harddisk0\DR0\Partition0
22:59:39.0197 5552 \Device\Harddisk0\DR0\Partition0 - ok
22:59:39.0199 5552 ============================================================
22:59:39.0199 5552 Scan finished
22:59:39.0199 5552 ============================================================
22:59:39.0213 5652 Detected object count: 1
22:59:39.0213 5652 Actual detected object count: 1
22:59:41.0662 5652 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:59:41.0663 5652 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:59:53.0730 4164 ============================================================
22:59:53.0730 4164 Scan started
22:59:53.0730 4164 Mode: Manual;
22:59:53.0730 4164 ============================================================
22:59:53.0954 4164 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:59:53.0956 4164 1394ohci - ok
22:59:53.0998 4164 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:59:54.0000 4164 ACPI - ok
22:59:54.0027 4164 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:59:54.0027 4164 AcpiPmi - ok
22:59:54.0124 4164 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:59:54.0124 4164 AdobeARMservice - ok
22:59:54.0208 4164 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:59:54.0213 4164 AdobeFlashPlayerUpdateSvc - ok
22:59:54.0275 4164 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:59:54.0283 4164 adp94xx - ok
22:59:54.0319 4164 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:59:54.0322 4164 adpahci - ok
22:59:54.0331 4164 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:59:54.0333 4164 adpu320 - ok
22:59:54.0376 4164 adusbser (e4283b3de62494325818d60c638cdd51) C:\Windows\system32\DRIVERS\adusbser.sys
22:59:54.0378 4164 adusbser - ok
22:59:54.0416 4164 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:59:54.0417 4164 AeLookupSvc - ok
22:59:54.0469 4164 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:59:54.0472 4164 AFD - ok
22:59:54.0524 4164 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:59:54.0525 4164 agp440 - ok
22:59:54.0543 4164 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:59:54.0544 4164 aic78xx - ok
22:59:54.0560 4164 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:59:54.0561 4164 ALG - ok
22:59:54.0580 4164 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:59:54.0581 4164 aliide - ok
22:59:54.0620 4164 AMD External Events Utility (f970ea885aefeb1b9eb97ca7f1eb226d) C:\Windows\system32\atiesrxx.exe
22:59:54.0622 4164 AMD External Events Utility - ok
22:59:54.0687 4164 AMD FUEL Service - ok
22:59:54.0706 4164 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:59:54.0707 4164 amdagp - ok
22:59:54.0725 4164 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:59:54.0726 4164 amdide - ok
22:59:54.0744 4164 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
22:59:54.0744 4164 amdiox86 - ok
22:59:54.0757 4164 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:59:54.0758 4164 AmdK8 - ok
22:59:55.0212 4164 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
22:59:55.0275 4164 amdkmdag - ok
Nahoru
r.o.s.t.a.c.k.a
Návštěvník
Návštěvník
Příspěvky: 200
Registrován: 12 zář 2006 09:40
Bydliště: Teplice
Kontaktovat uživatele:
Kontaktovat uživatele r.o.s.t.a.c.k.a

Re: r.o.s.t.a.c.k.a - kontrola logu.

#150 Příspěvek od r.o.s.t.a.c.k.a »

22:59:55.0441 4164 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
22:59:55.0443 4164 amdkmdap - ok
22:59:55.0481 4164 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
22:59:55.0482 4164 AmdLLD - ok
22:59:55.0501 4164 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:59:55.0501 4164 AmdPPM - ok
22:59:55.0534 4164 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:59:55.0535 4164 amdsata - ok
22:59:55.0557 4164 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:59:55.0559 4164 amdsbs - ok
22:59:55.0575 4164 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:59:55.0575 4164 amdxata - ok
22:59:55.0610 4164 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
22:59:55.0611 4164 androidusb - ok
22:59:55.0706 4164 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:59:55.0709 4164 AntiVirSchedulerService - ok
22:59:55.0755 4164 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:59:55.0757 4164 AntiVirService - ok
22:59:55.0792 4164 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:59:55.0793 4164 AppID - ok
22:59:55.0827 4164 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:59:55.0829 4164 AppIDSvc - ok
22:59:55.0867 4164 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:59:55.0869 4164 Appinfo - ok
22:59:55.0889 4164 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:59:55.0892 4164 arc - ok
22:59:55.0913 4164 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:59:55.0915 4164 arcsas - ok
22:59:55.0985 4164 aspnet_state (39cdcb109bf200cc8a05b9c7e6272d11) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:59:55.0985 4164 aspnet_state - ok
22:59:55.0997 4164 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:59:55.0998 4164 AsyncMac - ok
22:59:56.0029 4164 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:59:56.0030 4164 atapi - ok
22:59:56.0114 4164 athrusb (44fa26470d4c8123ccf71f4200b782d3) C:\Windows\system32\DRIVERS\athrusb.sys
22:59:56.0119 4164 athrusb - ok
22:59:56.0160 4164 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys
22:59:56.0161 4164 AtiHDAudioService - ok
22:59:56.0564 4164 atikmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
22:59:56.0612 4164 atikmdag - ok
22:59:56.0753 4164 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:59:56.0756 4164 AudioEndpointBuilder - ok
22:59:56.0763 4164 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:59:56.0766 4164 Audiosrv - ok
22:59:56.0832 4164 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
22:59:56.0833 4164 avgntflt - ok
22:59:56.0848 4164 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
22:59:56.0849 4164 avipbb - ok
22:59:56.0863 4164 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
22:59:56.0864 4164 avkmgr - ok
22:59:56.0897 4164 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:59:56.0898 4164 AxInstSV - ok
22:59:56.0940 4164 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:59:56.0943 4164 b06bdrv - ok
22:59:56.0985 4164 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:59:56.0987 4164 b57nd60x - ok
22:59:57.0027 4164 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:59:57.0028 4164 BDESVC - ok
22:59:57.0044 4164 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:59:57.0045 4164 Beep - ok
22:59:57.0109 4164 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:59:57.0117 4164 BFE - ok
22:59:57.0176 4164 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
22:59:57.0184 4164 BITS - ok
22:59:57.0193 4164 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:59:57.0194 4164 blbdrive - ok
22:59:57.0230 4164 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:59:57.0231 4164 bowser - ok
22:59:57.0244 4164 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:59:57.0244 4164 BrFiltLo - ok
22:59:57.0265 4164 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:59:57.0266 4164 BrFiltUp - ok
22:59:57.0286 4164 Bridge (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
22:59:57.0288 4164 Bridge - ok
22:59:57.0293 4164 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
22:59:57.0294 4164 BridgeMP - ok
22:59:57.0326 4164 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:59:57.0327 4164 Browser - ok
22:59:57.0355 4164 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:59:57.0358 4164 Brserid - ok
22:59:57.0383 4164 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:59:57.0384 4164 BrSerWdm - ok
22:59:57.0417 4164 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:59:57.0417 4164 BrUsbMdm - ok
22:59:57.0429 4164 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:59:57.0430 4164 BrUsbSer - ok
22:59:57.0447 4164 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:59:57.0448 4164 BTHMODEM - ok
22:59:57.0473 4164 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:59:57.0474 4164 bthserv - ok
22:59:57.0564 4164 catchme - ok
22:59:57.0585 4164 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:59:57.0586 4164 cdfs - ok
22:59:57.0618 4164 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:59:57.0619 4164 cdrom - ok
22:59:57.0658 4164 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:59:57.0659 4164 CertPropSvc - ok
22:59:57.0662 4164 CFcatchme - ok
22:59:57.0683 4164 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:59:57.0683 4164 circlass - ok
22:59:57.0724 4164 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:59:57.0730 4164 CLFS - ok
22:59:57.0806 4164 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:59:57.0808 4164 clr_optimization_v2.0.50727_32 - ok
22:59:57.0881 4164 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:59:57.0885 4164 clr_optimization_v4.0.30319_32 - ok
22:59:57.0908 4164 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:59:57.0909 4164 CmBatt - ok
22:59:57.0944 4164 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:59:57.0945 4164 cmdide - ok
22:59:57.0997 4164 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
22:59:58.0001 4164 CNG - ok
22:59:58.0018 4164 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:59:58.0019 4164 Compbatt - ok
22:59:58.0052 4164 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:59:58.0053 4164 CompositeBus - ok
22:59:58.0058 4164 COMSysApp - ok
22:59:58.0075 4164 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:59:58.0075 4164 crcdisk - ok
22:59:58.0114 4164 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
22:59:58.0116 4164 CryptSvc - ok
22:59:58.0167 4164 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:59:58.0173 4164 DcomLaunch - ok
22:59:58.0207 4164 DefragFS (292e9ec82df08cbdd1cc51d963f38248) C:\Windows\system32\drivers\DefragFS.sys
22:59:58.0208 4164 DefragFS - ok
22:59:58.0248 4164 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:59:58.0251 4164 defragsvc - ok
22:59:58.0284 4164 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:59:58.0285 4164 DfsC - ok
22:59:58.0311 4164 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:59:58.0314 4164 Dhcp - ok
22:59:58.0326 4164 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:59:58.0327 4164 discache - ok
22:59:58.0347 4164 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:59:58.0348 4164 Disk - ok
22:59:58.0387 4164 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:59:58.0390 4164 Dnscache - ok
22:59:58.0425 4164 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:59:58.0428 4164 dot3svc - ok
22:59:58.0456 4164 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:59:58.0459 4164 DPS - ok
22:59:58.0494 4164 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:59:58.0495 4164 drmkaud - ok
22:59:58.0537 4164 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:59:58.0539 4164 dtsoftbus01 - ok
22:59:58.0608 4164 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:59:58.0614 4164 DXGKrnl - ok
22:59:58.0650 4164 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:59:58.0653 4164 EapHost - ok
22:59:58.0819 4164 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:59:58.0838 4164 ebdrv - ok
22:59:58.0955 4164 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:59:58.0956 4164 EFS - ok
22:59:59.0030 4164 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:59:59.0033 4164 ehRecvr - ok
22:59:59.0073 4164 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:59:59.0074 4164 ehSched - ok
22:59:59.0158 4164 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:59:59.0166 4164 elxstor - ok
22:59:59.0204 4164 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:59:59.0205 4164 ErrDev - ok
22:59:59.0244 4164 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:59:59.0247 4164 EventSystem - ok
22:59:59.0273 4164 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:59:59.0274 4164 exfat - ok
22:59:59.0297 4164 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:59:59.0299 4164 fastfat - ok
22:59:59.0354 4164 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:59:59.0359 4164 Fax - ok
22:59:59.0384 4164 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:59:59.0385 4164 fdc - ok
22:59:59.0397 4164 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:59:59.0398 4164 fdPHost - ok
22:59:59.0410 4164 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:59:59.0411 4164 FDResPub - ok
22:59:59.0426 4164 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:59:59.0427 4164 FileInfo - ok
22:59:59.0448 4164 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:59:59.0448 4164 Filetrace - ok
22:59:59.0453 4164 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:59:59.0453 4164 flpydisk - ok
22:59:59.0477 4164 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:59:59.0479 4164 FltMgr - ok
22:59:59.0547 4164 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
22:59:59.0552 4164 FontCache - ok
22:59:59.0657 4164 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:59:59.0659 4164 FontCache3.0.0.0 - ok
22:59:59.0700 4164 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:59:59.0700 4164 FsDepends - ok
22:59:59.0739 4164 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
22:59:59.0741 4164 FsUsbExDisk - ok
22:59:59.0759 4164 FsUsbExService (96633419f4a1e37acb89b45ebccfe001) C:\Windows\system32\FsUsbExService.Exe
22:59:59.0763 4164 FsUsbExService - ok
22:59:59.0797 4164 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:59:59.0797 4164 Fs_Rec - ok
22:59:59.0819 4164 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:59:59.0821 4164 fvevol - ok
22:59:59.0840 4164 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:59:59.0841 4164 gagp30kx - ok
22:59:59.0895 4164 GGSAFERDriver - ok
22:59:59.0927 4164 ggsemc (9acdecca8fa4fefd6b4c4c423dc8ada5) C:\Windows\system32\DRIVERS\ggsemc.sys
22:59:59.0928 4164 ggsemc - ok
22:59:59.0932 4164 GMSIPCI - ok
22:59:59.0990 4164 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:59:59.0996 4164 gpsvc - ok
23:00:00.0016 4164 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:00:00.0017 4164 hcw85cir - ok
23:00:00.0071 4164 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
23:00:00.0074 4164 HdAudAddService - ok
23:00:00.0111 4164 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
23:00:00.0113 4164 HDAudBus - ok
23:00:00.0141 4164 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:00:00.0141 4164 HidBatt - ok
23:00:00.0181 4164 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:00:00.0182 4164 HidBth - ok
23:00:00.0197 4164 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:00:00.0198 4164 HidIr - ok
23:00:00.0220 4164 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
23:00:00.0222 4164 hidserv - ok
23:00:00.0226 4164 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
23:00:00.0227 4164 HidUsb - ok
23:00:00.0257 4164 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
23:00:00.0259 4164 hkmsvc - ok
23:00:00.0297 4164 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
23:00:00.0299 4164 HomeGroupListener - ok
23:00:00.0334 4164 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
23:00:00.0337 4164 HomeGroupProvider - ok
23:00:00.0378 4164 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
23:00:00.0378 4164 HpSAMD - ok
23:00:00.0434 4164 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
23:00:00.0444 4164 HTTP - ok
23:00:00.0453 4164 Huawei - ok
23:00:00.0476 4164 hwdatacard - ok
23:00:00.0523 4164 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
23:00:00.0524 4164 hwpolicy - ok
23:00:00.0547 4164 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
23:00:00.0548 4164 i8042prt - ok
23:00:00.0583 4164 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
23:00:00.0586 4164 iaStorV - ok
23:00:00.0721 4164 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:00:00.0727 4164 idsvc - ok
23:00:00.0855 4164 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:00:00.0857 4164 iirsp - ok
23:00:00.0934 4164 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
23:00:00.0947 4164 IKEEXT - ok
23:00:00.0961 4164 IntcAzAudAddService - ok
23:00:00.0989 4164 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
23:00:00.0989 4164 intelide - ok
23:00:01.0011 4164 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:00:01.0012 4164 intelppm - ok
23:00:01.0049 4164 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
23:00:01.0051 4164 IPBusEnum - ok
23:00:01.0070 4164 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:00:01.0071 4164 IpFilterDriver - ok
23:00:01.0111 4164 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
23:00:01.0116 4164 iphlpsvc - ok
23:00:01.0157 4164 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
23:00:01.0158 4164 IPMIDRV - ok
23:00:01.0179 4164 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:00:01.0181 4164 IPNAT - ok
23:00:01.0192 4164 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:00:01.0193 4164 IRENUM - ok
23:00:01.0209 4164 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
23:00:01.0210 4164 isapnp - ok
23:00:01.0252 4164 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
23:00:01.0254 4164 iScsiPrt - ok
23:00:01.0271 4164 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
23:00:01.0272 4164 kbdclass - ok
23:00:01.0306 4164 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
23:00:01.0307 4164 kbdhid - ok
23:00:01.0332 4164 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:00:01.0335 4164 KeyIso - ok
23:00:01.0350 4164 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
23:00:01.0351 4164 KSecDD - ok
23:00:01.0376 4164 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
23:00:01.0378 4164 KSecPkg - ok
23:00:01.0440 4164 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
23:00:01.0445 4164 KtmRm - ok
23:00:01.0508 4164 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
23:00:01.0512 4164 LanmanServer - ok
23:00:01.0551 4164 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
23:00:01.0555 4164 LanmanWorkstation - ok
23:00:01.0576 4164 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:00:01.0577 4164 lltdio - ok
23:00:01.0611 4164 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
23:00:01.0613 4164 lltdsvc - ok
23:00:01.0630 4164 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
23:00:01.0632 4164 lmhosts - ok
23:00:01.0656 4164 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:00:01.0657 4164 LSI_FC - ok
23:00:01.0672 4164 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:00:01.0673 4164 LSI_SAS - ok
23:00:01.0692 4164 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:00:01.0693 4164 LSI_SAS2 - ok
23:00:01.0716 4164 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:00:01.0717 4164 LSI_SCSI - ok
23:00:01.0739 4164 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:00:01.0740 4164 luafv - ok
23:00:01.0772 4164 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
23:00:01.0774 4164 Mcx2Svc - ok
23:00:01.0789 4164 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:00:01.0790 4164 megasas - ok
23:00:01.0815 4164 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:00:01.0817 4164 MegaSR - ok
23:00:01.0888 4164 Microsoft SharePoint Workspace Audit Service - ok
23:00:01.0926 4164 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:00:01.0931 4164 MMCSS - ok
23:00:01.0951 4164 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:00:01.0953 4164 Modem - ok
23:00:01.0985 4164 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:00:01.0987 4164 monitor - ok
23:00:02.0030 4164 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:00:02.0031 4164 mouclass - ok
23:00:02.0043 4164 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:00:02.0044 4164 mouhid - ok
23:00:02.0058 4164 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
23:00:02.0059 4164 mountmgr - ok
23:00:02.0095 4164 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
23:00:02.0096 4164 mpio - ok
23:00:02.0115 4164 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:00:02.0116 4164 mpsdrv - ok
23:00:02.0177 4164 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:00:02.0184 4164 MpsSvc - ok
23:00:02.0214 4164 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:00:02.0215 4164 MRxDAV - ok
23:00:02.0251 4164 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:00:02.0252 4164 mrxsmb - ok
23:00:02.0292 4164 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:00:02.0294 4164 mrxsmb10 - ok
23:00:02.0311 4164 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:00:02.0312 4164 mrxsmb20 - ok
23:00:02.0342 4164 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:00:02.0342 4164 msahci - ok
23:00:02.0374 4164 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:00:02.0375 4164 msdsm - ok
23:00:02.0409 4164 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:00:02.0411 4164 MSDTC - ok
23:00:02.0433 4164 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:00:02.0433 4164 Msfs - ok
23:00:02.0453 4164 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:00:02.0454 4164 mshidkmdf - ok
23:00:02.0490 4164 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:00:02.0492 4164 msisadrv - ok
23:00:02.0534 4164 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:00:02.0540 4164 MSiSCSI - ok
23:00:02.0548 4164 msiserver - ok
23:00:02.0574 4164 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:00:02.0575 4164 MSKSSRV - ok
23:00:02.0589 4164 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:00:02.0590 4164 MSPCLOCK - ok
23:00:02.0603 4164 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:00:02.0603 4164 MSPQM - ok
23:00:02.0624 4164 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:00:02.0626 4164 MsRPC - ok
23:00:02.0637 4164 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
23:00:02.0639 4164 mssmbios - ok
23:00:02.0655 4164 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:00:02.0655 4164 MSTEE - ok
23:00:02.0672 4164 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:00:02.0673 4164 MTConfig - ok
23:00:02.0688 4164 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:00:02.0689 4164 Mup - ok
23:00:02.0733 4164 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:00:02.0738 4164 napagent - ok
23:00:02.0763 4164 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:00:02.0765 4164 NativeWifiP - ok
23:00:02.0896 4164 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
23:00:02.0900 4164 NAUpdate - ok
23:00:02.0968 4164 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:00:02.0973 4164 NDIS - ok
23:00:02.0995 4164 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:00:02.0996 4164 NdisCap - ok
23:00:03.0013 4164 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:00:03.0013 4164 NdisTapi - ok
23:00:03.0045 4164 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:00:03.0046 4164 Ndisuio - ok
23:00:03.0073 4164 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:00:03.0074 4164 NdisWan - ok
23:00:03.0104 4164 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:00:03.0105 4164 NDProxy - ok
23:00:03.0110 4164 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:00:03.0110 4164 NetBIOS - ok
23:00:03.0151 4164 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:00:03.0152 4164 NetBT - ok
23:00:03.0189 4164 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:00:03.0190 4164 Netlogon - ok
23:00:03.0240 4164 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:00:03.0242 4164 Netman - ok
23:00:03.0266 4164 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:00:03.0271 4164 netprofm - ok
23:00:03.0372 4164 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:00:03.0373 4164 NetTcpPortSharing - ok
23:00:03.0386 4164 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:00:03.0387 4164 nfrd960 - ok
23:00:03.0413 4164 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:00:03.0416 4164 NlaSvc - ok
23:00:03.0450 4164 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:00:03.0451 4164 Npfs - ok
23:00:03.0477 4164 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:00:03.0479 4164 nsi - ok
23:00:03.0487 4164 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:00:03.0487 4164 nsiproxy - ok
23:00:03.0599 4164 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
23:00:03.0617 4164 Ntfs - ok
23:00:03.0765 4164 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:00:03.0766 4164 Null - ok
23:00:04.0238 4164 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:00:04.0296 4164 nvlddmkm - ok
23:00:04.0368 4164 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
23:00:04.0370 4164 nvraid - ok
23:00:04.0404 4164 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
23:00:04.0405 4164 nvstor - ok
23:00:04.0448 4164 nvsvc (4ed813efd77a9b7e57e341cdc1c5cbc4) C:\Windows\system32\nvvsvc.exe
23:00:04.0450 4164 nvsvc - ok
23:00:04.0479 4164 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:00:04.0480 4164 nv_agp - ok
23:00:04.0507 4164 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:00:04.0508 4164 ohci1394 - ok
23:00:04.0580 4164 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:00:04.0583 4164 ose - ok
23:00:04.0923 4164 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:00:04.0950 4164 osppsvc - ok
23:00:05.0197 4164 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:00:05.0200 4164 p2pimsvc - ok
23:00:05.0235 4164 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:00:05.0239 4164 p2psvc - ok
23:00:05.0285 4164 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:00:05.0286 4164 Parport - ok
23:00:05.0330 4164 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
23:00:05.0332 4164 partmgr - ok
23:00:05.0354 4164 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:00:05.0355 4164 Parvdm - ok
23:00:05.0391 4164 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:00:05.0398 4164 PcaSvc - ok
23:00:05.0450 4164 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:00:05.0451 4164 pci - ok
23:00:05.0478 4164 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:00:05.0479 4164 pciide - ok
23:00:05.0506 4164 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:00:05.0508 4164 pcmcia - ok
23:00:05.0524 4164 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:00:05.0525 4164 pcw - ok
23:00:05.0561 4164 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:00:05.0567 4164 PEAUTH - ok
23:00:05.0689 4164 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:00:05.0699 4164 pla - ok
23:00:05.0762 4164 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:00:05.0767 4164 PlugPlay - ok
23:00:05.0795 4164 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
23:00:05.0798 4164 PnkBstrA - ok
23:00:05.0814 4164 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:00:05.0816 4164 PNRPAutoReg - ok
23:00:05.0829 4164 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:00:05.0832 4164 PNRPsvc - ok
23:00:05.0860 4164 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:00:05.0864 4164 PolicyAgent - ok
23:00:05.0894 4164 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:00:05.0897 4164 Power - ok
23:00:05.0965 4164 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:00:05.0967 4164 PptpMiniport - ok
23:00:05.0987 4164 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:00:05.0989 4164 Processor - ok
23:00:06.0036 4164 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
23:00:06.0044 4164 ProfSvc - ok
23:00:06.0077 4164 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:00:06.0081 4164 ProtectedStorage - ok
23:00:06.0124 4164 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:00:06.0127 4164 Psched - ok
23:00:06.0163 4164 pwdrvio (681ae4f1927fe0fdeee2863f1684088d) C:\Windows\system32\pwdrvio.sys
23:00:06.0169 4164 pwdrvio - ok
23:00:06.0205 4164 pwdspio (bc60895ce021309ebd887d2f22055654) C:\Windows\system32\pwdspio.sys
23:00:06.0208 4164 pwdspio - ok
23:00:06.0289 4164 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:00:06.0299 4164 ql2300 - ok
23:00:06.0341 4164 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:00:06.0342 4164 ql40xx - ok
23:00:06.0369 4164 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:00:06.0372 4164 QWAVE - ok
23:00:06.0393 4164 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:00:06.0394 4164 QWAVEdrv - ok
23:00:06.0413 4164 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:00:06.0414 4164 RasAcd - ok
23:00:06.0437 4164 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:00:06.0438 4164 RasAgileVpn - ok
23:00:06.0458 4164 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:00:06.0460 4164 RasAuto - ok
23:00:06.0471 4164 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:00:06.0472 4164 Rasl2tp - ok
23:00:06.0517 4164 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:00:06.0521 4164 RasMan - ok
23:00:06.0539 4164 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:00:06.0540 4164 RasPppoe - ok
23:00:06.0559 4164 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:00:06.0560 4164 RasSstp - ok
23:00:06.0595 4164 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:00:06.0596 4164 rdbss - ok
23:00:06.0617 4164 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:00:06.0617 4164 rdpbus - ok
23:00:06.0647 4164 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:00:06.0648 4164 RDPCDD - ok
23:00:06.0664 4164 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:00:06.0664 4164 RDPENCDD - ok
23:00:06.0673 4164 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:00:06.0673 4164 RDPREFMP - ok
23:00:06.0713 4164 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
23:00:06.0715 4164 RDPWD - ok
23:00:06.0752 4164 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:00:06.0754 4164 rdyboost - ok
23:00:06.0788 4164 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:00:06.0791 4164 RemoteAccess - ok
23:00:06.0823 4164 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:00:06.0826 4164 RemoteRegistry - ok
23:00:06.0841 4164 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:00:06.0843 4164 RpcEptMapper - ok
23:00:06.0877 4164 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:00:06.0878 4164 RpcLocator - ok
23:00:06.0938 4164 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:00:06.0950 4164 RpcSs - ok
23:00:06.0975 4164 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:00:06.0977 4164 rspndr - ok
23:00:07.0017 4164 RTL8023xp (4a9f49d1b7e67f7ab9595b61126e81fd) C:\Windows\system32\DRIVERS\Rtnicxp.sys
23:00:07.0018 4164 RTL8023xp - ok
23:00:07.0069 4164 RTL8167 (e099d23ee1bbce0cf5745f811f3b1882) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:00:07.0073 4164 RTL8167 - ok
23:00:07.0200 4164 Rx2Agent (0a61445a4a4b0e479e89198349b1bc0d) C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
23:00:07.0207 4164 Rx2Agent - ok
23:00:07.0290 4164 Rx2Engine (4c1175ec46033e8d52cc467aec4dde64) C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
23:00:07.0298 4164 Rx2Engine - ok
23:00:07.0444 4164 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:00:07.0449 4164 SamSs - ok
23:00:07.0534 4164 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:00:07.0536 4164 sbp2port - ok
23:00:07.0593 4164 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:00:07.0601 4164 SCardSvr - ok
23:00:07.0636 4164 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:00:07.0638 4164 scfilter - ok
23:00:07.0711 4164 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:00:07.0720 4164 Schedule - ok
23:00:07.0758 4164 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:00:07.0759 4164 SCPolicySvc - ok
23:00:07.0794 4164 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:00:07.0799 4164 SDRSVC - ok
23:00:07.0836 4164 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:00:07.0837 4164 secdrv - ok
23:00:07.0849 4164 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:00:07.0852 4164 seclogon - ok
23:00:07.0869 4164 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
23:00:07.0873 4164 SENS - ok
23:00:07.0889 4164 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:00:07.0892 4164 SensrSvc - ok
23:00:07.0910 4164 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:00:07.0911 4164 Serenum - ok
23:00:07.0925 4164 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:00:07.0927 4164 Serial - ok
23:00:07.0955 4164 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:00:07.0957 4164 sermouse - ok
23:00:08.0014 4164 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:00:08.0022 4164 SessionEnv - ok
23:00:08.0060 4164 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:00:08.0061 4164 sffdisk - ok
23:00:08.0078 4164 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:00:08.0080 4164 sffp_mmc - ok
23:00:08.0100 4164 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:00:08.0101 4164 sffp_sd - ok
23:00:08.0118 4164 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:00:08.0119 4164 sfloppy - ok
23:00:08.0164 4164 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:00:08.0168 4164 SharedAccess - ok
23:00:08.0205 4164 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:00:08.0211 4164 ShellHWDetection - ok
23:00:08.0243 4164 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:00:08.0244 4164 sisagp - ok
23:00:08.0253 4164 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:00:08.0253 4164 SiSRaid2 - ok
23:00:08.0277 4164 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:00:08.0278 4164 SiSRaid4 - ok
23:00:08.0294 4164 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:00:08.0295 4164 Smb - ok
23:00:08.0305 4164 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:00:08.0309 4164 SNMPTRAP - ok
23:00:08.0396 4164 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
23:00:08.0398 4164 Sony PC Companion - ok
23:00:08.0416 4164 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:00:08.0417 4164 spldr - ok
23:00:08.0452 4164 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:00:08.0456 4164 Spooler - ok
23:00:08.0648 4164 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:00:08.0698 4164 sppsvc - ok
23:00:08.0829 4164 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:00:08.0831 4164 sppuinotify - ok
23:00:08.0929 4164 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
23:00:08.0930 4164 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
23:00:08.0932 4164 sptd ( LockedFile.Multi.Generic ) - warning
23:00:08.0932 4164 sptd - detected LockedFile.Multi.Generic (1)
23:00:08.0980 4164 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:00:08.0982 4164 srv - ok
23:00:09.0008 4164 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:00:09.0011 4164 srv2 - ok
23:00:09.0022 4164 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:00:09.0024 4164 srvnet - ok
23:00:09.0066 4164 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\Windows\system32\DRIVERS\ssadbus.sys
23:00:09.0068 4164 ssadbus - ok
23:00:09.0104 4164 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:00:09.0106 4164 ssadmdfl - ok
23:00:09.0152 4164 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\Windows\system32\DRIVERS\ssadmdm.sys
23:00:09.0155 4164 ssadmdm - ok
23:00:09.0189 4164 ssadserd (28f893c9b4e98dee5ae3c24db56b1b11) C:\Windows\system32\DRIVERS\ssadserd.sys
23:00:09.0193 4164 ssadserd - ok
23:00:09.0241 4164 sscdbus (ffe42941e0326c322f40b0b79a46493c) C:\Windows\system32\DRIVERS\sscdbus.sys
23:00:09.0243 4164 sscdbus - ok
23:00:09.0276 4164 sscdmdfl (a68e7d87adfbb8c50d88cd58230c6819) C:\Windows\system32\DRIVERS\sscdmdfl.sys
23:00:09.0278 4164 sscdmdfl - ok
23:00:09.0306 4164 sscdmdm (b534b24151281856ec2f69ed3d6d60dd) C:\Windows\system32\DRIVERS\sscdmdm.sys
23:00:09.0307 4164 sscdmdm - ok
23:00:09.0338 4164 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:00:09.0342 4164 SSDPSRV - ok
23:00:09.0384 4164 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
23:00:09.0385 4164 ssmdrv - ok
23:00:09.0405 4164 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:00:09.0409 4164 SstpSvc - ok
23:00:09.0450 4164 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
23:00:09.0451 4164 ss_bbus - ok
23:00:09.0465 4164 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
23:00:09.0465 4164 ss_bmdfl - ok
23:00:09.0487 4164 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
23:00:09.0488 4164 ss_bmdm - ok
23:00:09.0528 4164 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:00:09.0529 4164 stexstor - ok
23:00:09.0576 4164 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:00:09.0583 4164 StiSvc - ok
23:00:09.0629 4164 SWDUMon (6ed7abf6cb1e6ec0debb53e0f104ed64) C:\Windows\system32\DRIVERS\SWDUMon.sys
23:00:09.0631 4164 SWDUMon - ok
23:00:09.0667 4164 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:00:09.0668 4164 swenum - ok
23:00:09.0716 4164 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:00:09.0727 4164 swprv - ok
23:00:09.0857 4164 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:00:09.0873 4164 SysMain - ok
23:00:09.0906 4164 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:00:09.0909 4164 TabletInputService - ok
23:00:09.0957 4164 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:00:09.0962 4164 TapiSrv - ok
23:00:09.0973 4164 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:00:09.0977 4164 TBS - ok
23:00:10.0104 4164 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
23:00:10.0112 4164 Tcpip - ok
23:00:10.0288 4164 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
23:00:10.0296 4164 TCPIP6 - ok
23:00:10.0368 4164 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:00:10.0370 4164 tcpipreg - ok
23:00:10.0423 4164 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:00:10.0425 4164 TDPIPE - ok
23:00:10.0459 4164 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:00:10.0461 4164 TDTCP - ok
23:00:10.0502 4164 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:00:10.0504 4164 tdx - ok
23:00:10.0551 4164 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:00:10.0553 4164 TermDD - ok
23:00:10.0608 4164 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:00:10.0615 4164 TermService - ok
23:00:10.0633 4164 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:00:10.0636 4164 Themes - ok
23:00:10.0670 4164 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:00:10.0672 4164 THREADORDER - ok
23:00:10.0694 4164 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:00:10.0698 4164 TrkWks - ok
23:00:10.0761 4164 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:00:10.0763 4164 TrustedInstaller - ok
23:00:10.0793 4164 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:00:10.0794 4164 tssecsrv - ok
23:00:10.0837 4164 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:00:10.0838 4164 TsUsbFlt - ok
23:00:10.0885 4164 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:00:10.0888 4164 tunnel - ok
23:00:10.0931 4164 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:00:10.0934 4164 uagp35 - ok
23:00:10.0988 4164 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:00:10.0992 4164 udfs - ok
23:00:11.0034 4164 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:00:11.0041 4164 UI0Detect - ok
23:00:11.0064 4164 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:00:11.0066 4164 uliagpkx - ok
23:00:11.0095 4164 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
23:00:11.0096 4164 umbus - ok
23:00:11.0110 4164 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:00:11.0110 4164 UmPass - ok
23:00:11.0143 4164 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:00:11.0149 4164 upnphost - ok
23:00:11.0159 4164 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
23:00:11.0161 4164 usbccgp - ok
23:00:11.0192 4164 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:00:11.0194 4164 usbcir - ok
23:00:11.0200 4164 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
23:00:11.0201 4164 usbehci - ok
23:00:11.0237 4164 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
23:00:11.0240 4164 usbhub - ok
23:00:11.0255 4164 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
23:00:11.0256 4164 usbohci - ok
23:00:11.0271 4164 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:00:11.0272 4164 usbprint - ok
23:00:11.0299 4164 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:00:11.0301 4164 USBSTOR - ok
23:00:11.0320 4164 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
23:00:11.0321 4164 usbuhci - ok
23:00:11.0336 4164 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
23:00:11.0340 4164 UxSms - ok
23:00:11.0377 4164 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:00:11.0379 4164 VaultSvc - ok
23:00:11.0394 4164 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
23:00:11.0395 4164 vdrvroot - ok
23:00:11.0432 4164 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
23:00:11.0440 4164 vds - ok
23:00:11.0464 4164 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:00:11.0465 4164 vga - ok
23:00:11.0472 4164 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:00:11.0473 4164 VgaSave - ok
23:00:11.0510 4164 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
23:00:11.0512 4164 vhdmp - ok
23:00:11.0528 4164 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
23:00:11.0529 4164 viaagp - ok
23:00:11.0545 4164 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:00:11.0546 4164 ViaC7 - ok
23:00:11.0575 4164 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
23:00:11.0576 4164 viaide - ok
23:00:11.0598 4164 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
23:00:11.0599 4164 volmgr - ok
23:00:11.0629 4164 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:00:11.0632 4164 volmgrx - ok
23:00:11.0660 4164 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
23:00:11.0663 4164 volsnap - ok
23:00:11.0741 4164 VRAID Log Service (4775579d1ae9c881a6f2f7739858e7cd) C:\Program Files\VIA\RAID\vialogsv.exe
23:00:11.0742 4164 VRAID Log Service - ok
23:00:11.0771 4164 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:00:11.0775 4164 vsmraid - ok
23:00:11.0873 4164 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
23:00:11.0887 4164 VSS - ok
23:00:11.0908 4164 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:00:11.0909 4164 vwifibus - ok
23:00:11.0966 4164 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
23:00:11.0973 4164 W32Time - ok
23:00:11.0993 4164 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:00:11.0994 4164 WacomPen - ok
23:00:12.0024 4164 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:00:12.0025 4164 WANARP - ok
23:00:12.0031 4164 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:00:12.0032 4164 Wanarpv6 - ok
23:00:12.0145 4164 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
23:00:12.0156 4164 WatAdminSvc - ok
23:00:12.0331 4164 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
23:00:12.0344 4164 wbengine - ok
23:00:12.0367 4164 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
23:00:12.0371 4164 WbioSrvc - ok
23:00:12.0443 4164 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
23:00:12.0449 4164 wcncsvc - ok
23:00:12.0466 4164 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
23:00:12.0470 4164 WcsPlugInService - ok
23:00:12.0531 4164 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:00:12.0532 4164 Wd - ok
23:00:12.0569 4164 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:00:12.0574 4164 Wdf01000 - ok
23:00:12.0591 4164 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:00:12.0596 4164 WdiServiceHost - ok
23:00:12.0601 4164 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:00:12.0605 4164 WdiSystemHost - ok
23:00:12.0643 4164 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
23:00:12.0648 4164 WebClient - ok
23:00:12.0664 4164 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
23:00:12.0669 4164 Wecsvc - ok
23:00:12.0690 4164 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
23:00:12.0695 4164 wercplsupport - ok
23:00:12.0715 4164 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
23:00:12.0719 4164 WerSvc - ok
23:00:12.0735 4164 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:00:12.0736 4164 WfpLwf - ok
23:00:12.0747 4164 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:00:12.0748 4164 WIMMount - ok
23:00:12.0871 4164 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
23:00:12.0882 4164 WinDefend - ok
23:00:12.0897 4164 WinHttpAutoProxySvc - ok
23:00:12.0951 4164 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
23:00:12.0953 4164 Winmgmt - ok
23:00:13.0028 4164 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
23:00:13.0038 4164 WinRM - ok
23:00:13.0087 4164 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
23:00:13.0088 4164 WinUSB - ok
23:00:13.0160 4164 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
23:00:13.0167 4164 Wlansvc - ok
23:00:13.0196 4164 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
23:00:13.0197 4164 WmiAcpi - ok
23:00:13.0222 4164 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
23:00:13.0223 4164 wmiApSrv - ok
23:00:13.0321 4164 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:00:13.0327 4164 WMPNetworkSvc - ok
23:00:13.0432 4164 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
23:00:13.0435 4164 WPCSvc - ok
23:00:13.0475 4164 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
23:00:13.0478 4164 WPDBusEnum - ok
23:00:13.0514 4164 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:00:13.0515 4164 ws2ifsl - ok
23:00:13.0531 4164 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
23:00:13.0534 4164 wscsvc - ok
23:00:13.0537 4164 WSearch - ok
23:00:13.0684 4164 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
23:00:13.0712 4164 wuauserv - ok
23:00:13.0770 4164 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
23:00:13.0771 4164 WudfPf - ok
23:00:13.0792 4164 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:00:13.0794 4164 WUDFRd - ok
23:00:13.0831 4164 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
23:00:13.0835 4164 wudfsvc - ok
23:00:13.0878 4164 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
23:00:13.0882 4164 WwanSvc - ok
23:00:13.0930 4164 ZD1211BU(TP-LINK) (d125e1445bb9dc951c250d4192e70841) C:\Windows\system32\DRIVERS\zd1211Bu.sys
23:00:13.0933 4164 ZD1211BU(TP-LINK) - ok
23:00:13.0938 4164 ZDPSp60 - ok
23:00:14.0522 4164 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk1\DR1
23:00:14.0528 4164 \Device\Harddisk1\DR1 - ok
23:00:14.0540 4164 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:00:14.0947 4164 \Device\Harddisk0\DR0 - ok
23:00:14.0950 4164 Boot (0x1200) (3edd9ff2dc70e91f4d9441177ac7a2de) \Device\Harddisk1\DR1\Partition0
23:00:14.0951 4164 \Device\Harddisk1\DR1\Partition0 - ok
23:00:14.0955 4164 Boot (0x1200) (4d17e3aac638bf1bd503bc314584e546) \Device\Harddisk0\DR0\Partition0
23:00:14.0956 4164 \Device\Harddisk0\DR0\Partition0 - ok
23:00:14.0958 4164 ============================================================
23:00:14.0958 4164 Scan finished
23:00:14.0958 4164 ============================================================
23:00:14.0969 1860 Detected object count: 1
23:00:14.0969 1860 Actual detected object count: 1
23:00:18.0545 1860 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:00:18.0545 1860 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“