
Re: relevantknowledge

Posted: 09 Feb 2013 19:08
by stroupek
The problem with the Recycle Bin (and the Dc33 folder located in it) has been resolved, but the problem with the browser still persists.

Here is the resulting TDSSKiller log:

19:02:16.0875 3188 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:02:17.0953 3188 ============================================================
19:02:17.0953 3188 Current date / time: 2013/02/09 19:02:17.0953
19:02:17.0953 3188 SystemInfo:
19:02:17.0953 3188
19:02:17.0953 3188 OS Version: 5.1.2600 ServicePack: 3.0
19:02:17.0953 3188 Product type: Workstation
19:02:17.0953 3188 ComputerName: LIBOR-PC
19:02:17.0953 3188 UserName: Libor
19:02:17.0953 3188 Windows directory: C:\WINDOWS
19:02:17.0953 3188 System windows directory: C:\WINDOWS
19:02:17.0953 3188 Processor architecture: Intel x86
19:02:17.0953 3188 Number of processors: 2
19:02:17.0953 3188 Page size: 0x1000
19:02:17.0953 3188 Boot type: Normal boot
19:02:17.0953 3188 ============================================================
19:02:18.0546 3188 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:02:18.0687 3188 ============================================================
19:02:18.0687 3188 \Device\Harddisk0\DR0:
19:02:18.0687 3188 MBR partitions:
19:02:18.0687 3188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
19:02:18.0687 3188 ============================================================
19:02:18.0750 3188 C: <-> \Device\Harddisk0\DR0\Partition1
19:02:18.0750 3188 ============================================================
19:02:18.0750 3188 Initialize success
19:02:18.0750 3188 ============================================================
19:03:31.0859 3264 ============================================================
19:03:31.0859 3264 Scan started
19:03:31.0859 3264 Mode: Manual; SigCheck; TDLFS;
19:03:31.0859 3264 ============================================================
19:03:32.0078 3264 ================ Scan system memory ========================
19:03:32.0078 3264 System memory - ok
19:03:32.0078 3264 ================ Scan services =============================
19:03:32.0171 3264 [ 8D488938E2F7048906F1FBD3AF394887 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
19:03:32.0281 3264 Aavmker4 - ok
19:03:32.0281 3264 Abiosdsk - ok
19:03:32.0281 3264 abp480n5 - ok
19:03:32.0312 3264 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:03:32.0890 3264 ACPI - ok
19:03:32.0906 3264 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:03:32.0984 3264 ACPIEC - ok
19:03:32.0984 3264 adpu160m - ok
19:03:33.0015 3264 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:03:33.0078 3264 aec - ok
19:03:33.0109 3264 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:03:33.0125 3264 AFD - ok
19:03:33.0125 3264 Aha154x - ok
19:03:33.0125 3264 aic78u2 - ok
19:03:33.0125 3264 aic78xx - ok
19:03:33.0156 3264 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:03:33.0234 3264 Alerter - ok
19:03:33.0250 3264 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
19:03:33.0281 3264 ALG - ok
19:03:33.0281 3264 AliIde - ok
19:03:33.0343 3264 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
19:03:33.0406 3264 Ambfilt - ok
19:03:33.0421 3264 amsint - ok
19:03:33.0468 3264 [ E592751036C1D0A74EC3E57302A03745 ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
19:03:33.0468 3264 AppleCharger - ok
19:03:33.0468 3264 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
19:03:33.0484 3264 AppleChargerSrv - ok
19:03:33.0515 3264 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:03:33.0593 3264 AppMgmt - ok
19:03:33.0593 3264 asc - ok
19:03:33.0593 3264 asc3350p - ok
19:03:33.0593 3264 asc3550 - ok
19:03:33.0640 3264 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:03:33.0656 3264 aspnet_state - ok
19:03:33.0671 3264 [ A0D86B8AC93EF95620420C7A24AC5344 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:03:33.0671 3264 aswFsBlk - ok
19:03:33.0671 3264 [ 7D880C76A285A41284D862E2D798EC0D ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
19:03:33.0687 3264 aswMon2 - ok
19:03:33.0687 3264 [ 69823954BBD461A73D69774928C9737E ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
19:03:33.0703 3264 aswRdr - ok
19:03:33.0703 3264 [ 81F10376AF5F0F466F03CB2C5321B7ED ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:03:33.0718 3264 aswSnx - ok
19:03:33.0750 3264 [ 7ECC2776638B04553F9A85BD684C3ABF ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:03:33.0765 3264 aswSP - ok
19:03:33.0765 3264 [ 095ED820A926AA8189180B305E1BCFC9 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:03:33.0765 3264 aswTdi - ok
19:03:33.0781 3264 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:03:33.0859 3264 AsyncMac - ok
19:03:33.0890 3264 [ FD8F7791ED6F06B637132377836DB519 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:03:33.0890 3264 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: FD8F7791ED6F06B637132377836DB519, Fake md5: 9F3A2F5AA6875C72BF062C712CFA2674
19:03:33.0890 3264 atapi ( Rootkit.Win32.TDSS.tdl3 ) - infected
19:03:33.0890 3264 atapi - detected Rootkit.Win32.TDSS.tdl3 (0)
19:03:33.0890 3264 Atdisk - ok
19:03:33.0890 3264 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:03:33.0953 3264 Atmarpc - ok
19:03:33.0968 3264 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:03:34.0031 3264 AudioSrv - ok
19:03:34.0062 3264 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:03:34.0109 3264 audstub - ok
19:03:34.0171 3264 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:03:34.0187 3264 avast! Antivirus - ok
19:03:34.0187 3264 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:03:34.0187 3264 avast! Mail Scanner - ok
19:03:34.0187 3264 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:03:34.0203 3264 avast! Web Scanner - ok
19:03:34.0218 3264 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:03:34.0296 3264 Beep - ok
19:03:34.0328 3264 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
19:03:34.0437 3264 BITS - ok
19:03:34.0453 3264 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
19:03:34.0484 3264 Browser - ok
19:03:34.0500 3264 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:03:34.0562 3264 cbidf2k - ok
19:03:34.0562 3264 cd20xrnt - ok
19:03:34.0578 3264 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:03:34.0640 3264 Cdaudio - ok
19:03:34.0671 3264 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:03:34.0718 3264 Cdfs - ok
19:03:34.0734 3264 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:03:34.0781 3264 Cdrom - ok
19:03:34.0796 3264 Changer - ok
19:03:34.0796 3264 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:03:34.0859 3264 CiSvc - ok
19:03:34.0859 3264 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:03:34.0937 3264 ClipSrv - ok
19:03:34.0953 3264 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:03:34.0968 3264 clr_optimization_v2.0.50727_32 - ok
19:03:34.0968 3264 CmdIde - ok
19:03:34.0968 3264 COMSysApp - ok
19:03:34.0984 3264 Cpqarray - ok
19:03:35.0000 3264 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:03:35.0062 3264 CryptSvc - ok
19:03:35.0062 3264 dac2w2k - ok
19:03:35.0062 3264 dac960nt - ok
19:03:35.0093 3264 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:03:35.0109 3264 DcomLaunch - ok
19:03:35.0140 3264 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:03:35.0203 3264 Dhcp - ok
19:03:35.0234 3264 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:03:35.0281 3264 Disk - ok
19:03:35.0281 3264 dmadmin - ok
19:03:35.0312 3264 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:03:35.0406 3264 dmboot - ok
19:03:35.0437 3264 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:03:35.0500 3264 dmio - ok
19:03:35.0515 3264 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:03:35.0562 3264 dmload - ok
19:03:35.0578 3264 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:03:35.0640 3264 dmserver - ok
19:03:35.0656 3264 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:03:35.0718 3264 DMusic - ok
19:03:35.0750 3264 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:03:35.0765 3264 Dnscache - ok
19:03:35.0796 3264 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:03:35.0859 3264 Dot3svc - ok
19:03:35.0859 3264 dpti2o - ok
19:03:35.0859 3264 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:03:35.0921 3264 drmkaud - ok
19:03:35.0953 3264 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
19:03:35.0968 3264 dtsoftbus01 - ok
19:03:35.0984 3264 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:03:36.0046 3264 EapHost - ok
19:03:36.0062 3264 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:03:36.0125 3264 ERSvc - ok
19:03:36.0125 3264 esgiguard - ok
19:03:36.0156 3264 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
19:03:36.0187 3264 Eventlog - ok
19:03:36.0203 3264 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
19:03:36.0218 3264 EventSystem - ok
19:03:36.0234 3264 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:03:36.0312 3264 Fastfat - ok
19:03:36.0328 3264 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:03:36.0359 3264 FastUserSwitchingCompatibility - ok
19:03:36.0359 3264 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:03:36.0421 3264 Fdc - ok
19:03:36.0437 3264 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:03:36.0484 3264 Fips - ok
19:03:36.0484 3264 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:03:36.0546 3264 Flpydisk - ok
19:03:36.0562 3264 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:03:36.0640 3264 FltMgr - ok
19:03:36.0687 3264 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:03:36.0687 3264 FontCache3.0.0.0 - ok
19:03:36.0703 3264 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:03:36.0781 3264 Fs_Rec - ok
19:03:36.0796 3264 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:03:36.0843 3264 Ftdisk - ok
19:03:36.0859 3264 gdrv - ok
19:03:36.0875 3264 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:03:36.0937 3264 Gpc - ok
19:03:36.0953 3264 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:03:37.0015 3264 HDAudBus - ok
19:03:37.0062 3264 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:03:37.0140 3264 helpsvc - ok
19:03:37.0140 3264 HidServ - ok
19:03:37.0171 3264 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:03:37.0218 3264 hidusb - ok
19:03:37.0250 3264 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:03:37.0312 3264 hkmsvc - ok
19:03:37.0312 3264 hpn - ok
19:03:37.0343 3264 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:03:37.0359 3264 HTTP - ok
19:03:37.0375 3264 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:03:37.0437 3264 HTTPFilter - ok
19:03:37.0437 3264 i2omgmt - ok
19:03:37.0437 3264 i2omp - ok
19:03:37.0453 3264 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:03:37.0515 3264 i8042prt - ok
19:03:37.0609 3264 [ A4978E73E18AED6F6765854BA27D674B ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:03:37.0750 3264 ialm - ok
19:03:37.0796 3264 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:03:37.0843 3264 idsvc - ok
19:03:37.0875 3264 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:03:37.0953 3264 Imapi - ok
19:03:37.0968 3264 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:03:38.0031 3264 ImapiService - ok
19:03:38.0031 3264 ini910u - ok
19:03:38.0203 3264 [ 791A119641F14706E6687741775AE1AA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:03:38.0406 3264 IntcAzAudAddService - ok
19:03:38.0453 3264 [ 28B3162EC8D01114313D7F447D8E157E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:03:38.0468 3264 Intel(R) Capability Licensing Service Interface - ok
19:03:38.0468 3264 IntelIde - ok
19:03:38.0515 3264 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:03:38.0578 3264 intelppm - ok
19:03:38.0593 3264 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:03:38.0656 3264 Ip6Fw - ok
19:03:38.0671 3264 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:03:38.0734 3264 IpFilterDriver - ok
19:03:38.0734 3264 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:03:38.0796 3264 IpInIp - ok
19:03:38.0812 3264 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:03:38.0859 3264 IpNat - ok
19:03:38.0890 3264 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:03:38.0953 3264 IPSec - ok
19:03:38.0984 3264 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:03:39.0015 3264 IRENUM - ok
19:03:39.0046 3264 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:03:39.0109 3264 isapnp - ok
19:03:39.0156 3264 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:03:39.0171 3264 jhi_service - ok
19:03:39.0187 3264 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:03:39.0250 3264 Kbdclass - ok
19:03:39.0265 3264 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:03:39.0343 3264 kmixer - ok
19:03:39.0359 3264 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:03:39.0375 3264 KSecDD - ok
19:03:39.0406 3264 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
19:03:39.0437 3264 LanmanServer - ok
19:03:39.0453 3264 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:03:39.0468 3264 lanmanworkstation - ok
19:03:39.0468 3264 lbrtfdc - ok
19:03:39.0500 3264 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:03:39.0562 3264 LmHosts - ok
19:03:39.0578 3264 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:03:39.0593 3264 LMS - ok
19:03:39.0625 3264 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\WINDOWS\system32\DRIVERS\HECI.sys
19:03:39.0640 3264 MEI - ok
19:03:39.0656 3264 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:03:39.0718 3264 Messenger - ok
19:03:39.0734 3264 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:03:39.0796 3264 mnmdd - ok
19:03:39.0812 3264 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:03:39.0875 3264 mnmsrvc - ok
19:03:39.0890 3264 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:03:39.0953 3264 Modem - ok
19:03:40.0000 3264 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
19:03:40.0046 3264 Monfilt - ok
19:03:40.0093 3264 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:03:40.0140 3264 Mouclass - ok
19:03:40.0171 3264 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:03:40.0250 3264 mouhid - ok
19:03:40.0265 3264 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:03:40.0328 3264 MountMgr - ok
19:03:40.0328 3264 mraid35x - ok
19:03:40.0328 3264 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:03:40.0406 3264 MRxDAV - ok
19:03:40.0421 3264 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:03:40.0453 3264 MRxSmb - ok
19:03:40.0468 3264 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:03:40.0531 3264 MSDTC - ok
19:03:40.0546 3264 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:03:40.0609 3264 Msfs - ok
19:03:40.0609 3264 MSIServer - ok
19:03:40.0609 3264 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:03:40.0671 3264 MSKSSRV - ok
19:03:40.0671 3264 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:03:40.0750 3264 MSPCLOCK - ok
19:03:40.0750 3264 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:03:40.0796 3264 MSPQM - ok
19:03:40.0828 3264 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:03:40.0890 3264 mssmbios - ok
19:03:40.0921 3264 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:03:40.0921 3264 Mup - ok
19:03:40.0953 3264 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:03:41.0015 3264 napagent - ok
19:03:41.0031 3264 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:03:41.0109 3264 NDIS - ok
19:03:41.0125 3264 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:03:41.0140 3264 NdisTapi - ok
19:03:41.0156 3264 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:03:41.0203 3264 Ndisuio - ok
19:03:41.0203 3264 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:03:41.0265 3264 NdisWan - ok
19:03:41.0281 3264 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:03:41.0296 3264 NDProxy - ok
19:03:41.0312 3264 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:03:41.0375 3264 NetBIOS - ok
19:03:41.0390 3264 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:03:41.0453 3264 NetBT - ok
19:03:41.0484 3264 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
19:03:41.0546 3264 NetDDE - ok
19:03:41.0546 3264 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:03:41.0609 3264 NetDDEdsdm - ok
19:03:41.0625 3264 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:03:41.0671 3264 Netlogon - ok
19:03:41.0687 3264 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
19:03:41.0765 3264 Netman - ok
19:03:41.0781 3264 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:03:41.0796 3264 NetTcpPortSharing - ok
19:03:41.0812 3264 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
19:03:41.0828 3264 Nla - ok
19:03:41.0859 3264 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:03:41.0921 3264 Npfs - ok
19:03:41.0937 3264 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:03:42.0015 3264 Ntfs - ok
19:03:42.0031 3264 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:03:42.0093 3264 NtLmSsp - ok
19:03:42.0125 3264 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:03:42.0203 3264 NtmsSvc - ok
19:03:42.0218 3264 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:03:42.0281 3264 Null - ok
19:03:42.0281 3264 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:03:42.0343 3264 NwlnkFlt - ok
19:03:42.0343 3264 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:03:42.0406 3264 NwlnkFwd - ok
19:03:42.0421 3264 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:03:42.0484 3264 Parport - ok
19:03:42.0500 3264 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:03:42.0546 3264 PartMgr - ok
19:03:42.0578 3264 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:03:42.0640 3264 ParVdm - ok
19:03:42.0640 3264 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:03:42.0703 3264 PCI - ok
19:03:42.0703 3264 PCIDump - ok
19:03:42.0718 3264 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:03:42.0781 3264 PCIIde - ok
19:03:42.0812 3264 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:03:42.0875 3264 Pcmcia - ok
19:03:42.0875 3264 PDCOMP - ok
19:03:42.0875 3264 PDFRAME - ok
19:03:42.0875 3264 PDRELI - ok
19:03:42.0875 3264 PDRFRAME - ok
19:03:42.0890 3264 perc2 - ok
19:03:42.0890 3264 perc2hib - ok
19:03:42.0906 3264 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:03:42.0921 3264 PlugPlay - ok
19:03:42.0921 3264 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:03:42.0968 3264 PolicyAgent - ok
19:03:43.0000 3264 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:03:43.0062 3264 PptpMiniport - ok
19:03:43.0062 3264 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:03:43.0125 3264 ProtectedStorage - ok
19:03:43.0125 3264 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:03:43.0171 3264 PSched - ok
19:03:43.0187 3264 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:03:43.0265 3264 Ptilink - ok
19:03:43.0265 3264 ql1080 - ok
19:03:43.0265 3264 Ql10wnt - ok
19:03:43.0265 3264 ql12160 - ok
19:03:43.0265 3264 ql1240 - ok
19:03:43.0265 3264 ql1280 - ok
19:03:43.0296 3264 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:03:43.0359 3264 RasAcd - ok
19:03:43.0375 3264 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:03:43.0437 3264 RasAuto - ok
19:03:43.0453 3264 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:03:43.0515 3264 Rasl2tp - ok
19:03:43.0515 3264 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:03:43.0578 3264 RasMan - ok
19:03:43.0578 3264 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:03:43.0640 3264 RasPppoe - ok
19:03:43.0656 3264 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:03:43.0703 3264 Raspti - ok
19:03:43.0734 3264 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:03:43.0781 3264 Rdbss - ok
19:03:43.0796 3264 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:03:43.0859 3264 RDPCDD - ok
19:03:43.0890 3264 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:03:43.0968 3264 rdpdr - ok
19:03:44.0000 3264 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:03:44.0015 3264 RDPWD - ok
19:03:44.0031 3264 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:03:44.0109 3264 RDSessMgr - ok
19:03:44.0140 3264 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:03:44.0203 3264 redbook - ok
19:03:44.0234 3264 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:03:44.0296 3264 RemoteAccess - ok
19:03:44.0343 3264 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:03:44.0406 3264 RemoteRegistry - ok
19:03:44.0406 3264 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:03:44.0468 3264 RpcLocator - ok
19:03:44.0500 3264 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:03:44.0515 3264 RpcSs - ok
19:03:44.0546 3264 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:03:44.0593 3264 RSVP - ok
19:03:44.0625 3264 [ 71439E5BF872A91DB450641BE445F51C ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:03:44.0640 3264 RTLE8023xp - ok
19:03:44.0656 3264 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
19:03:44.0703 3264 SamSs - ok
19:03:44.0734 3264 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:03:44.0781 3264 SCardSvr - ok
19:03:44.0812 3264 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:03:44.0890 3264 Schedule - ok
19:03:44.0906 3264 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:03:44.0937 3264 Secdrv - ok
19:03:44.0953 3264 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:03:45.0015 3264 seclogon - ok
19:03:45.0031 3264 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
19:03:45.0093 3264 SENS - ok
19:03:45.0109 3264 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
19:03:45.0171 3264 Serial - ok
19:03:45.0187 3264 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:03:45.0250 3264 Sfloppy - ok
19:03:45.0265 3264 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:03:45.0328 3264 SharedAccess - ok
19:03:45.0343 3264 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:03:45.0359 3264 ShellHWDetection - ok
19:03:45.0359 3264 Simbad - ok
19:03:45.0359 3264 Sparrow - ok
19:03:45.0390 3264 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:03:45.0437 3264 splitter - ok
19:03:45.0468 3264 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:03:45.0484 3264 Spooler - ok
19:03:45.0500 3264 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:03:45.0546 3264 sr - ok
19:03:45.0562 3264 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
19:03:45.0609 3264 srservice - ok
19:03:45.0640 3264 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:03:45.0671 3264 Srv - ok
19:03:45.0718 3264 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:03:45.0750 3264 SSDPSRV - ok
19:03:45.0781 3264 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:03:45.0843 3264 stisvc - ok
19:03:45.0859 3264 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:03:45.0921 3264 swenum - ok
19:03:45.0953 3264 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:03:46.0000 3264 swmidi - ok
19:03:46.0000 3264 SwPrv - ok
19:03:46.0015 3264 symc810 - ok
19:03:46.0015 3264 symc8xx - ok
19:03:46.0015 3264 sym_hi - ok
19:03:46.0015 3264 sym_u3 - ok
19:03:46.0015 3264 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:03:46.0078 3264 sysaudio - ok
19:03:46.0109 3264 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:03:46.0171 3264 SysmonLog - ok
19:03:46.0187 3264 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:03:46.0250 3264 TapiSrv - ok
19:03:46.0281 3264 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:03:46.0296 3264 Tcpip - ok
19:03:46.0328 3264 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:03:46.0390 3264 TDPIPE - ok
19:03:46.0406 3264 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:03:46.0468 3264 TDTCP - ok
19:03:46.0484 3264 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:03:46.0546 3264 TermDD - ok
19:03:46.0578 3264 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
19:03:46.0640 3264 TermService - ok
19:03:46.0656 3264 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:03:46.0656 3264 Themes - ok
19:03:46.0687 3264 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:03:46.0718 3264 TlntSvr - ok
19:03:46.0718 3264 TosIde - ok
19:03:46.0734 3264 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:03:46.0796 3264 TrkWks - ok
19:03:46.0828 3264 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:03:46.0890 3264 Udfs - ok
19:03:46.0890 3264 ultra - ok
19:03:46.0937 3264 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:03:46.0953 3264 UNS - ok
19:03:47.0000 3264 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:03:47.0062 3264 Update - ok
19:03:47.0078 3264 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
19:03:47.0140 3264 upnphost - ok
19:03:47.0156 3264 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
19:03:47.0203 3264 UPS - ok
19:03:47.0234 3264 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:03:47.0281 3264 usbehci - ok
19:03:47.0296 3264 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:03:47.0359 3264 usbhub - ok
19:03:47.0390 3264 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:03:47.0453 3264 USBSTOR - ok
19:03:47.0484 3264 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:03:47.0531 3264 VgaSave - ok
19:03:47.0531 3264 ViaIde - ok
19:03:47.0546 3264 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:03:47.0609 3264 VolSnap - ok
19:03:47.0625 3264 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
19:03:47.0656 3264 VSS - ok
19:03:47.0671 3264 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
19:03:47.0734 3264 W32Time - ok
19:03:47.0750 3264 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:03:47.0812 3264 Wanarp - ok
19:03:47.0812 3264 WDICA - ok
19:03:47.0828 3264 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:03:47.0906 3264 wdmaud - ok
19:03:47.0921 3264 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:03:47.0984 3264 WebClient - ok
19:03:48.0031 3264 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:03:48.0109 3264 winmgmt - ok
19:03:48.0140 3264 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:03:48.0187 3264 WmdmPmSN - ok
19:03:48.0218 3264 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:03:48.0250 3264 Wmi - ok
19:03:48.0296 3264 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:03:48.0343 3264 WmiApSrv - ok
19:03:48.0375 3264 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:03:48.0437 3264 WS2IFSL - ok
19:03:48.0468 3264 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:03:48.0546 3264 wscsvc - ok
19:03:48.0562 3264 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:03:48.0625 3264 wuauserv - ok
19:03:48.0656 3264 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:03:48.0734 3264 WZCSVC - ok
19:03:48.0734 3264 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:03:48.0828 3264 xmlprov - ok
19:03:48.0828 3264 ================ Scan global ===============================
19:03:48.0843 3264 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
19:03:48.0875 3264 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:03:48.0890 3264 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:03:48.0906 3264 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
19:03:48.0906 3264 [Global] - ok
19:03:48.0906 3264 ================ Scan MBR ==================================
19:03:48.0921 3264 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:03:49.0203 3264 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:03:49.0203 3264 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:03:49.0203 3264 ================ Scan VBR ==================================
19:03:49.0203 3264 [ 73C1C854615390FC71854F0B566DA2DD ] \Device\Harddisk0\DR0\Partition1
19:03:49.0203 3264 \Device\Harddisk0\DR0\Partition1 - ok
19:03:49.0203 3264 ============================================================
19:03:49.0203 3264 Scan finished
19:03:49.0203 3264 ============================================================
19:03:49.0343 3260 Detected object count: 2
19:03:49.0343 3260 Actual detected object count: 2
19:04:14.0671 3260 atapi ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
19:04:14.0671 3260 atapi ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
19:04:14.0671 3260 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:04:14.0671 3260 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:05:27.0296 2028 Deinitialize success

Re: relevantknowledge

Posted: 09 Feb 2013 20:15
by Márty84
Run TDSSKiller again. This time, however, do not choose Skip; leave whatever the program offers, probably Cure.

After the restart, run a new scan and post the log again.

Re: relevantknowledge

Posted: 09 Feb 2013 21:52
by stroupek
A MIRACLE!!! No more pop-up windows, and Avast is calm :thumbsup:

TDSSKiller still reports one more threat (a mild threat), but the program presets Skip for it.

Log (apparently of the cure process):

21:29:13.0125 2532 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:29:13.0531 2532 ============================================================
21:29:13.0531 2532 Current date / time: 2013/02/09 21:29:13.0531
21:29:13.0531 2532 SystemInfo:
21:29:13.0531 2532
21:29:13.0531 2532 OS Version: 5.1.2600 ServicePack: 3.0
21:29:13.0531 2532 Product type: Workstation
21:29:13.0531 2532 ComputerName: LIBOR-PC
21:29:13.0531 2532 UserName: Libor
21:29:13.0531 2532 Windows directory: C:\WINDOWS
21:29:13.0531 2532 System windows directory: C:\WINDOWS
21:29:13.0531 2532 Processor architecture: Intel x86
21:29:13.0531 2532 Number of processors: 2
21:29:13.0531 2532 Page size: 0x1000
21:29:13.0531 2532 Boot type: Normal boot
21:29:13.0531 2532 ============================================================
21:29:24.0140 2532 BG loaded
21:29:26.0578 2532 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:29:27.0421 2532 ============================================================
21:29:27.0421 2532 \Device\Harddisk0\DR0:
21:29:27.0453 2532 MBR partitions:
21:29:27.0453 2532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
21:29:27.0453 2532 ============================================================
21:29:27.0812 2532 C: <-> \Device\Harddisk0\DR0\Partition1
21:29:27.0843 2532 ============================================================
21:29:27.0843 2532 Initialize success
21:29:27.0843 2532 ============================================================
21:29:39.0343 2500 Deinitialize success


Scan log:

21:35:46.0078 2220 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:35:48.0078 2220 ============================================================
21:35:48.0078 2220 Current date / time: 2013/02/09 21:35:48.0078
21:35:48.0078 2220 SystemInfo:
21:35:48.0078 2220
21:35:48.0078 2220 OS Version: 5.1.2600 ServicePack: 3.0
21:35:48.0078 2220 Product type: Workstation
21:35:48.0078 2220 ComputerName: LIBOR-PC
21:35:48.0093 2220 UserName: Libor
21:35:48.0093 2220 Windows directory: C:\WINDOWS
21:35:48.0093 2220 System windows directory: C:\WINDOWS
21:35:48.0093 2220 Processor architecture: Intel x86
21:35:48.0093 2220 Number of processors: 2
21:35:48.0093 2220 Page size: 0x1000
21:35:48.0093 2220 Boot type: Normal boot
21:35:48.0093 2220 ============================================================
21:35:48.0296 2220 BG loaded
21:35:48.0453 2220 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:35:48.0562 2220 ============================================================
21:35:48.0562 2220 \Device\Harddisk0\DR0:
21:35:48.0562 2220 MBR partitions:
21:35:48.0562 2220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
21:35:48.0562 2220 ============================================================
21:35:48.0562 2220 C: <-> \Device\Harddisk0\DR0\Partition1
21:35:48.0562 2220 ============================================================
21:35:48.0562 2220 Initialize success
21:35:48.0562 2220 ============================================================
21:35:53.0890 2368 ============================================================
21:35:53.0890 2368 Scan started
21:35:53.0890 2368 Mode: Manual; SigCheck; TDLFS;
21:35:53.0890 2368 ============================================================
21:35:53.0953 2368 ================ Scan system memory ========================
21:35:53.0953 2368 System memory - ok
21:35:53.0953 2368 ================ Scan services =============================
21:35:54.0062 2368 [ 8D488938E2F7048906F1FBD3AF394887 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
21:35:54.0156 2368 Aavmker4 - ok
21:35:54.0156 2368 Abiosdsk - ok
21:35:54.0156 2368 abp480n5 - ok
21:35:54.0218 2368 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:35:54.0265 2368 ACPI - ok
21:35:54.0281 2368 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:35:54.0343 2368 ACPIEC - ok
21:35:54.0343 2368 adpu160m - ok
21:35:54.0375 2368 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:35:54.0421 2368 aec - ok
21:35:54.0453 2368 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:35:54.0468 2368 AFD - ok
21:35:54.0468 2368 Aha154x - ok
21:35:54.0468 2368 aic78u2 - ok
21:35:54.0468 2368 aic78xx - ok
21:35:54.0500 2368 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:35:54.0546 2368 Alerter - ok
21:35:54.0562 2368 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
21:35:54.0609 2368 ALG - ok
21:35:54.0609 2368 AliIde - ok
21:35:54.0656 2368 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
21:35:54.0703 2368 Ambfilt - ok
21:35:54.0703 2368 amsint - ok
21:35:54.0750 2368 [ E592751036C1D0A74EC3E57302A03745 ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
21:35:54.0750 2368 AppleCharger - ok
21:35:54.0750 2368 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
21:35:54.0765 2368 AppleChargerSrv - ok
21:35:54.0781 2368 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:35:54.0812 2368 AppMgmt - ok
21:35:54.0812 2368 asc - ok
21:35:54.0812 2368 asc3350p - ok
21:35:54.0812 2368 asc3550 - ok
21:35:54.0875 2368 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:35:54.0875 2368 aspnet_state - ok
21:35:54.0906 2368 [ A0D86B8AC93EF95620420C7A24AC5344 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:35:54.0906 2368 aswFsBlk - ok
21:35:54.0921 2368 [ 7D880C76A285A41284D862E2D798EC0D ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
21:35:54.0921 2368 aswMon2 - ok
21:35:54.0937 2368 [ 69823954BBD461A73D69774928C9737E ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
21:35:54.0937 2368 aswRdr - ok
21:35:54.0953 2368 [ 81F10376AF5F0F466F03CB2C5321B7ED ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
21:35:54.0968 2368 aswSnx - ok
21:35:54.0968 2368 [ 7ECC2776638B04553F9A85BD684C3ABF ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
21:35:54.0984 2368 aswSP - ok
21:35:55.0015 2368 [ 095ED820A926AA8189180B305E1BCFC9 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
21:35:55.0015 2368 aswTdi - ok
21:35:55.0031 2368 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:35:55.0078 2368 AsyncMac - ok
21:35:55.0109 2368 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:35:55.0156 2368 atapi - ok
21:35:55.0171 2368 Atdisk - ok
21:35:55.0171 2368 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:35:55.0234 2368 Atmarpc - ok
21:35:55.0250 2368 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:35:55.0312 2368 AudioSrv - ok
21:35:55.0343 2368 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:35:55.0406 2368 audstub - ok
21:35:55.0453 2368 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
21:35:55.0453 2368 avast! Antivirus - ok
21:35:55.0453 2368 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
21:35:55.0468 2368 avast! Mail Scanner - ok
21:35:55.0468 2368 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
21:35:55.0468 2368 avast! Web Scanner - ok
21:35:55.0500 2368 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:35:55.0562 2368 Beep - ok
21:35:55.0593 2368 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
21:35:55.0656 2368 BITS - ok
21:35:55.0687 2368 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
21:35:55.0703 2368 Browser - ok
21:35:55.0734 2368 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:35:55.0781 2368 cbidf2k - ok
21:35:55.0796 2368 cd20xrnt - ok
21:35:55.0796 2368 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:35:55.0859 2368 Cdaudio - ok
21:35:55.0875 2368 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:35:55.0937 2368 Cdfs - ok
21:35:55.0937 2368 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:35:56.0000 2368 Cdrom - ok
21:35:56.0000 2368 Changer - ok
21:35:56.0015 2368 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:35:56.0078 2368 CiSvc - ok
21:35:56.0093 2368 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:35:56.0156 2368 ClipSrv - ok
21:35:56.0171 2368 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:35:56.0171 2368 clr_optimization_v2.0.50727_32 - ok
21:35:56.0171 2368 CmdIde - ok
21:35:56.0187 2368 COMSysApp - ok
21:35:56.0187 2368 Cpqarray - ok
21:35:56.0203 2368 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:35:56.0265 2368 CryptSvc - ok
21:35:56.0265 2368 dac2w2k - ok
21:35:56.0281 2368 dac960nt - ok
21:35:56.0312 2368 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:35:56.0328 2368 DcomLaunch - ok
21:35:56.0359 2368 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:35:56.0406 2368 Dhcp - ok
21:35:56.0421 2368 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:35:56.0484 2368 Disk - ok
21:35:56.0500 2368 dmadmin - ok
21:35:56.0531 2368 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:35:56.0593 2368 dmboot - ok
21:35:56.0609 2368 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:35:56.0687 2368 dmio - ok
21:35:56.0703 2368 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:35:56.0765 2368 dmload - ok
21:35:56.0781 2368 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:35:56.0843 2368 dmserver - ok
21:35:56.0875 2368 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:35:56.0921 2368 DMusic - ok
21:35:56.0953 2368 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:35:56.0968 2368 Dnscache - ok
21:35:56.0984 2368 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:35:57.0046 2368 Dot3svc - ok
21:35:57.0062 2368 dpti2o - ok
21:35:57.0078 2368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:35:57.0125 2368 drmkaud - ok
21:35:57.0171 2368 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
21:35:57.0187 2368 dtsoftbus01 - ok
21:35:57.0203 2368 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:35:57.0250 2368 EapHost - ok
21:35:57.0281 2368 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:35:57.0343 2368 ERSvc - ok
21:35:57.0343 2368 esgiguard - ok
21:35:57.0375 2368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
21:35:57.0390 2368 Eventlog - ok
21:35:57.0406 2368 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
21:35:57.0421 2368 EventSystem - ok
21:35:57.0421 2368 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:35:57.0500 2368 Fastfat - ok
21:35:57.0531 2368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:35:57.0546 2368 FastUserSwitchingCompatibility - ok
21:35:57.0546 2368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:35:57.0625 2368 Fdc - ok
21:35:57.0640 2368 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:35:57.0687 2368 Fips - ok
21:35:57.0703 2368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:35:57.0750 2368 Flpydisk - ok
21:35:57.0765 2368 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:35:57.0843 2368 FltMgr - ok
21:35:57.0890 2368 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:35:57.0890 2368 FontCache3.0.0.0 - ok
21:35:57.0906 2368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:35:57.0984 2368 Fs_Rec - ok
21:35:58.0000 2368 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:35:58.0046 2368 Ftdisk - ok
21:35:58.0046 2368 gdrv - ok
21:35:58.0078 2368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:35:58.0125 2368 Gpc - ok
21:35:58.0140 2368 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
21:35:58.0156 2368 hamachi - ok
21:35:58.0265 2368 [ 616399E27A55C97AE859230EB13984D8 ] Hamachi2Svc C:\Programy\LogMeIn Hamachi\hamachi-2.exe
21:35:58.0296 2368 Hamachi2Svc - ok
21:35:58.0328 2368 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:35:58.0390 2368 HDAudBus - ok
21:35:58.0437 2368 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:35:58.0515 2368 helpsvc - ok
21:35:58.0515 2368 HidServ - ok
21:35:58.0546 2368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:35:58.0593 2368 hidusb - ok
21:35:58.0625 2368 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:35:58.0687 2368 hkmsvc - ok
21:35:58.0687 2368 hpn - ok
21:35:58.0718 2368 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:35:58.0750 2368 HTTP - ok
21:35:58.0765 2368 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:35:58.0828 2368 HTTPFilter - ok
21:35:58.0843 2368 i2omgmt - ok
21:35:58.0843 2368 i2omp - ok
21:35:58.0859 2368 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:35:58.0921 2368 i8042prt - ok
21:35:59.0015 2368 [ A4978E73E18AED6F6765854BA27D674B ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:35:59.0093 2368 ialm - ok
21:35:59.0140 2368 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:35:59.0171 2368 idsvc - ok
21:35:59.0187 2368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:35:59.0265 2368 Imapi - ok
21:35:59.0281 2368 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:35:59.0328 2368 ImapiService - ok
21:35:59.0328 2368 ini910u - ok
21:35:59.0515 2368 [ 791A119641F14706E6687741775AE1AA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:35:59.0703 2368 IntcAzAudAddService - ok
21:35:59.0765 2368 [ 28B3162EC8D01114313D7F447D8E157E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:35:59.0765 2368 Intel(R) Capability Licensing Service Interface - ok
21:35:59.0781 2368 IntelIde - ok
21:35:59.0796 2368 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:35:59.0859 2368 intelppm - ok
21:35:59.0875 2368 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:35:59.0937 2368 Ip6Fw - ok
21:35:59.0953 2368 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:36:00.0015 2368 IpFilterDriver - ok
21:36:00.0015 2368 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:36:00.0078 2368 IpInIp - ok
21:36:00.0109 2368 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:36:00.0171 2368 IpNat - ok
21:36:00.0187 2368 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:36:00.0250 2368 IPSec - ok
21:36:00.0265 2368 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:36:00.0296 2368 IRENUM - ok
21:36:00.0328 2368 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:36:00.0375 2368 isapnp - ok
21:36:00.0437 2368 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:36:00.0437 2368 jhi_service - ok
21:36:00.0468 2368 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:36:00.0515 2368 Kbdclass - ok
21:36:00.0546 2368 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:36:00.0609 2368 kmixer - ok
21:36:00.0625 2368 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:36:00.0640 2368 KSecDD - ok
21:36:00.0671 2368 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
21:36:00.0687 2368 LanmanServer - ok
21:36:00.0718 2368 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:36:00.0718 2368 lanmanworkstation - ok
21:36:00.0718 2368 lbrtfdc - ok
21:36:00.0750 2368 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:36:00.0796 2368 LmHosts - ok
21:36:00.0828 2368 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:36:00.0828 2368 LMS - ok
21:36:00.0843 2368 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\WINDOWS\system32\DRIVERS\HECI.sys
21:36:00.0859 2368 MEI - ok
21:36:00.0875 2368 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:36:00.0953 2368 Messenger - ok
21:36:00.0984 2368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:36:01.0031 2368 mnmdd - ok
21:36:01.0046 2368 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:36:01.0109 2368 mnmsrvc - ok
21:36:01.0140 2368 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:36:01.0187 2368 Modem - ok
21:36:01.0218 2368 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
21:36:01.0250 2368 Monfilt - ok
21:36:01.0281 2368 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:36:01.0359 2368 Mouclass - ok
21:36:01.0375 2368 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:36:01.0453 2368 mouhid - ok
21:36:01.0468 2368 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:36:01.0531 2368 MountMgr - ok
21:36:01.0531 2368 mraid35x - ok
21:36:01.0531 2368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:36:01.0593 2368 MRxDAV - ok
21:36:01.0625 2368 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:36:01.0640 2368 MRxSmb - ok
21:36:01.0671 2368 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:36:01.0718 2368 MSDTC - ok
21:36:01.0734 2368 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:36:01.0781 2368 Msfs - ok
21:36:01.0781 2368 MSIServer - ok
21:36:01.0796 2368 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:36:01.0875 2368 MSKSSRV - ok
21:36:01.0890 2368 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:36:01.0953 2368 MSPCLOCK - ok
21:36:01.0968 2368 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:36:02.0015 2368 MSPQM - ok
21:36:02.0046 2368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:36:02.0093 2368 mssmbios - ok
21:36:02.0140 2368 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:36:02.0140 2368 Mup - ok
21:36:02.0171 2368 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:36:02.0234 2368 napagent - ok
21:36:02.0250 2368 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:36:02.0328 2368 NDIS - ok
21:36:02.0343 2368 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:36:02.0359 2368 NdisTapi - ok
21:36:02.0375 2368 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:36:02.0421 2368 Ndisuio - ok
21:36:02.0437 2368 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:36:02.0484 2368 NdisWan - ok
21:36:02.0515 2368 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:36:02.0531 2368 NDProxy - ok
21:36:02.0531 2368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:36:02.0609 2368 NetBIOS - ok
21:36:02.0625 2368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:36:02.0687 2368 NetBT - ok
21:36:02.0687 2368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:36:02.0750 2368 NetDDE - ok
21:36:02.0765 2368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:36:02.0812 2368 NetDDEdsdm - ok
21:36:02.0828 2368 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:36:02.0890 2368 Netlogon - ok
21:36:02.0906 2368 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
21:36:02.0968 2368 Netman - ok
21:36:02.0968 2368 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:36:02.0984 2368 NetTcpPortSharing - ok
21:36:03.0000 2368 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
21:36:03.0031 2368 Nla - ok
21:36:03.0046 2368 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:36:03.0109 2368 Npfs - ok
21:36:03.0140 2368 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:36:03.0203 2368 Ntfs - ok
21:36:03.0218 2368 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:36:03.0265 2368 NtLmSsp - ok
21:36:03.0296 2368 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:36:03.0359 2368 NtmsSvc - ok
21:36:03.0375 2368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:36:03.0453 2368 Null - ok
21:36:03.0453 2368 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:36:03.0531 2368 NwlnkFlt - ok
21:36:03.0531 2368 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:36:03.0593 2368 NwlnkFwd - ok
21:36:03.0609 2368 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:36:03.0687 2368 Parport - ok
21:36:03.0703 2368 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:36:03.0765 2368 PartMgr - ok
21:36:03.0796 2368 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:36:03.0843 2368 ParVdm - ok
21:36:03.0859 2368 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:36:03.0906 2368 PCI - ok
21:36:03.0906 2368 PCIDump - ok
21:36:03.0921 2368 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:36:03.0984 2368 PCIIde - ok
21:36:04.0000 2368 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:36:04.0062 2368 Pcmcia - ok
21:36:04.0062 2368 PDCOMP - ok
21:36:04.0062 2368 PDFRAME - ok
21:36:04.0062 2368 PDRELI - ok
21:36:04.0062 2368 PDRFRAME - ok
21:36:04.0078 2368 perc2 - ok
21:36:04.0078 2368 perc2hib - ok
21:36:04.0093 2368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
21:36:04.0109 2368 PlugPlay - ok
21:36:04.0109 2368 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:36:04.0156 2368 PolicyAgent - ok
21:36:04.0203 2368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:36:04.0250 2368 PptpMiniport - ok
21:36:04.0265 2368 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:36:04.0312 2368 ProtectedStorage - ok
21:36:04.0312 2368 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:36:04.0375 2368 PSched - ok
21:36:04.0390 2368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:36:04.0453 2368 Ptilink - ok
21:36:04.0453 2368 ql1080 - ok
21:36:04.0453 2368 Ql10wnt - ok
21:36:04.0453 2368 ql12160 - ok
21:36:04.0453 2368 ql1240 - ok
21:36:04.0453 2368 ql1280 - ok
21:36:04.0468 2368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:36:04.0546 2368 RasAcd - ok
21:36:04.0562 2368 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:36:04.0625 2368 RasAuto - ok
21:36:04.0640 2368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:36:04.0687 2368 Rasl2tp - ok
21:36:04.0703 2368 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:36:04.0781 2368 RasMan - ok
21:36:04.0781 2368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:36:04.0843 2368 RasPppoe - ok
21:36:04.0843 2368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:36:04.0890 2368 Raspti - ok
21:36:04.0921 2368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:36:04.0968 2368 Rdbss - ok
21:36:04.0984 2368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:36:05.0046 2368 RDPCDD - ok
21:36:05.0078 2368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:36:05.0156 2368 rdpdr - ok
21:36:05.0187 2368 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:36:05.0187 2368 RDPWD - ok
21:36:05.0218 2368 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:36:05.0296 2368 RDSessMgr - ok
21:36:05.0328 2368 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:36:05.0390 2368 redbook - ok
21:36:05.0406 2368 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:36:05.0484 2368 RemoteAccess - ok
21:36:05.0515 2368 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:36:05.0578 2368 RemoteRegistry - ok
21:36:05.0578 2368 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:36:05.0640 2368 RpcLocator - ok
21:36:05.0671 2368 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
21:36:05.0687 2368 RpcSs - ok
21:36:05.0718 2368 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:36:05.0781 2368 RSVP - ok
21:36:05.0812 2368 [ 71439E5BF872A91DB450641BE445F51C ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:36:05.0812 2368 RTLE8023xp - ok
21:36:05.0828 2368 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
21:36:05.0890 2368 SamSs - ok
21:36:05.0906 2368 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:36:05.0968 2368 SCardSvr - ok
21:36:06.0000 2368 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:36:06.0062 2368 Schedule - ok
21:36:06.0078 2368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:36:06.0109 2368 Secdrv - ok
21:36:06.0125 2368 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:36:06.0187 2368 seclogon - ok
21:36:06.0203 2368 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
21:36:06.0265 2368 SENS - ok
21:36:06.0281 2368 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:36:06.0359 2368 Serial - ok
21:36:06.0375 2368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:36:06.0437 2368 Sfloppy - ok
21:36:06.0453 2368 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:36:06.0515 2368 SharedAccess - ok
21:36:06.0531 2368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:36:06.0546 2368 ShellHWDetection - ok
21:36:06.0546 2368 Simbad - ok
21:36:06.0546 2368 Sparrow - ok
21:36:06.0562 2368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:36:06.0625 2368 splitter - ok
21:36:06.0656 2368 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:36:06.0671 2368 Spooler - ok
21:36:06.0687 2368 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:36:06.0718 2368 sr - ok
21:36:06.0734 2368 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
21:36:06.0781 2368 srservice - ok
21:36:06.0796 2368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:36:06.0796 2368 Srv - ok
21:36:06.0859 2368 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:36:06.0906 2368 SSDPSRV - ok
21:36:06.0937 2368 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:36:07.0000 2368 stisvc - ok
21:36:07.0000 2368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:36:07.0062 2368 swenum - ok
21:36:07.0109 2368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:36:07.0156 2368 swmidi - ok
21:36:07.0156 2368 SwPrv - ok
21:36:07.0156 2368 symc810 - ok
21:36:07.0171 2368 symc8xx - ok
21:36:07.0171 2368 sym_hi - ok
21:36:07.0171 2368 sym_u3 - ok
21:36:07.0187 2368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:36:07.0234 2368 sysaudio - ok
21:36:07.0265 2368 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:36:07.0328 2368 SysmonLog - ok
21:36:07.0359 2368 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:36:07.0437 2368 TapiSrv - ok
21:36:07.0453 2368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:36:07.0468 2368 Tcpip - ok
21:36:07.0500 2368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:36:07.0562 2368 TDPIPE - ok
21:36:07.0578 2368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:36:07.0656 2368 TDTCP - ok
21:36:07.0687 2368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:36:07.0734 2368 TermDD - ok
21:36:07.0750 2368 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
21:36:07.0812 2368 TermService - ok
21:36:07.0828 2368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:36:07.0828 2368 Themes - ok
21:36:07.0859 2368 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:36:07.0890 2368 TlntSvr - ok
21:36:07.0890 2368 TosIde - ok
21:36:07.0906 2368 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:36:07.0968 2368 TrkWks - ok
21:36:07.0984 2368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:36:08.0046 2368 Udfs - ok
21:36:08.0046 2368 ultra - ok
21:36:08.0093 2368 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:36:08.0109 2368 UNS - ok
21:36:08.0140 2368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:36:08.0203 2368 Update - ok
21:36:08.0234 2368 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:36:08.0281 2368 upnphost - ok
21:36:08.0296 2368 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
21:36:08.0359 2368 UPS - ok
21:36:08.0390 2368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:36:08.0437 2368 usbehci - ok
21:36:08.0437 2368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:36:08.0515 2368 usbhub - ok
21:36:08.0531 2368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:36:08.0593 2368 USBSTOR - ok
21:36:08.0625 2368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:36:08.0687 2368 VgaSave - ok
21:36:08.0687 2368 ViaIde - ok
21:36:08.0687 2368 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:36:08.0765 2368 VolSnap - ok
21:36:08.0781 2368 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
21:36:08.0812 2368 VSS - ok
21:36:08.0828 2368 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
21:36:08.0890 2368 W32Time - ok
21:36:08.0906 2368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:36:08.0953 2368 Wanarp - ok
21:36:08.0968 2368 WDICA - ok
21:36:08.0984 2368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:36:09.0062 2368 wdmaud - ok
21:36:09.0078 2368 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:36:09.0140 2368 WebClient - ok
21:36:09.0187 2368 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:36:09.0250 2368 winmgmt - ok
21:36:09.0281 2368 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
21:36:09.0343 2368 WmdmPmSN - ok
21:36:09.0359 2368 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:36:09.0375 2368 Wmi - ok
21:36:09.0421 2368 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:36:09.0484 2368 WmiApSrv - ok
21:36:09.0515 2368 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:36:09.0578 2368 WS2IFSL - ok
21:36:09.0609 2368 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:36:09.0671 2368 wscsvc - ok
21:36:09.0703 2368 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:36:09.0765 2368 wuauserv - ok
21:36:09.0796 2368 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:36:09.0859 2368 WZCSVC - ok
21:36:09.0875 2368 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:36:09.0937 2368 xmlprov - ok
21:36:09.0937 2368 ================ Scan global ===============================
21:36:09.0968 2368 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:36:10.0000 2368 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:36:10.0000 2368 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
21:36:10.0015 2368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:36:10.0015 2368 [Global] - ok
21:36:10.0015 2368 ================ Scan MBR ==================================
21:36:10.0031 2368 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
21:36:10.0296 2368 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:36:10.0296 2368 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:36:10.0296 2368 ================ Scan VBR ==================================
21:36:10.0296 2368 [ 73C1C854615390FC71854F0B566DA2DD ] \Device\Harddisk0\DR0\Partition1
21:36:10.0296 2368 \Device\Harddisk0\DR0\Partition1 - ok
21:36:10.0296 2368 ============================================================
21:36:10.0296 2368 Scan finished
21:36:10.0296 2368 ============================================================
21:36:10.0406 2360 Detected object count: 1
21:36:10.0406 2360 Actual detected object count: 1
21:36:13.0812 2360 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:36:13.0812 2360 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:36:16.0000 2216 Deinitialize success

Re: relevantknowledge

Posted: 09 Feb 2013 22:12
by Márty84
Let's check it.

:arrow: Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe , save it to the desktop and run it.
Click Scan
Then click Save log and save it, for example, to the desktop
Copy the contents of the log here for me


:arrow: Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe , save it to the desktop and run it.
Click Report
After a moment a log named MBRScan.txt will pop up; copy it here for me.

Re: relevantknowledge

Posted: 09 Feb 2013 22:20
by stroupek
aswMBR:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-09 22:16:30
-----------------------------
22:16:30.734 OS Version: Windows 5.1.2600 Service Pack 3
22:16:30.734 Number of processors: 2 586 0x2A07
22:16:30.734 ComputerName: LIBOR-PC UserName: Libor
22:16:31.015 Initialize success
22:16:31.171 AVAST engine defs: 13020900
22:16:32.875 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:16:32.875 Disk 0 Vendor: ST380819AS 3.02 Size: 76319MB BusType: 3
22:16:32.890 Disk 0 MBR read successfully
22:16:32.890 Disk 0 MBR scan
22:16:32.890 Disk 0 Windows XP default MBR code
22:16:32.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
22:16:32.906 Disk 0 scanning sectors +156280320
22:16:32.937 Disk 0 scanning C:\WINDOWS\system32\drivers
22:16:37.250 Service scanning
22:16:43.515 Modules scanning
22:16:45.906 Disk 0 trace - called modules:
22:16:45.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll tsk248.tmp pciide.sys PCIIDEX.SYS
22:16:45.921 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89a7fab8]
22:16:45.921 3 CLASSPNP.SYS[b98e8fd7] -> nt!IofCallDriver -> \Device\00000069[0x89b39f18]
22:16:45.937 5 ACPI.sys[b9751620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89a81940]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_CREATE -> tsk248.tmp[0xb96e76f2]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_CLOSE -> tsk248.tmp[0xb96e76f2]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_DEVICE_CONTROL -> tsk248.tmp[0xb96e7712]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> tsk248.tmp[0xb96e3852]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_POWER -> tsk248.tmp[0xb96e773c]
22:16:45.937 \Driver\atapi[0x89b24ba8] -> IRP_MJ_SYSTEM_CONTROL -> tsk248.tmp[0xb96ee336]
22:16:46.171 AVAST engine scan C:\WINDOWS
22:16:48.265 AVAST engine scan C:\WINDOWS\system32
22:17:41.468 AVAST engine scan C:\WINDOWS\system32\drivers
22:17:46.078 AVAST engine scan C:\Documents and Settings\Libor
22:18:17.375 AVAST engine scan C:\Documents and Settings\All Users
22:18:20.609 Scan finished successfully
22:18:30.343 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Libor\Plocha\MBR.dat"
22:18:30.343 The log file has been saved successfully to "C:\Documents and Settings\Libor\Plocha\aswMBR.txt"


MbrScan:


MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/02/09 (ISO 8601) at 22:18:47
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST380819AS (3.02)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	74.53 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : C852B582D49947DE4C32FA6C52D23A0A
MBR_SHA1  : 5388B4D7DD60088D48FA26D1E56E49E8B13915E1

Device\Harddisk0\Partition1	74.52 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xA5C3F000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xB9E44000
SIZE    : 8.0 Ko

DRIVER  : C:\DOCUME~1\Libor\LOCALS~1\Temp\aswMBR.sys => Invisible on the disk
ADDRESS : 0xA4EAC000
SIZE    : 48.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


Re: relevantknowledge

Posted: 09 Feb 2013 22:48
by Márty84
It should be fine.


Repeat these steps
:arrow:
vyosek wrote: :arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - after the cleanup the PC will restart.



:arrow: Then write how the PC is behaving

Re: relevantknowledge

Posted: 09 Feb 2013 23:21
by stroupek
Everything is fine. Safe mode works now too.
Thank you very, very much for your help, for your time and patience, and above all for successfully solving the problem.

I'm already copying down the bank account number for supporting the forum.

Thanks once again :worship:

Re: relevantknowledge

Posted: 10 Feb 2013 08:26
by Márty84
You're very welcome, glad to help :)

Thank you for any contribution :worship:

Take care, and maybe see you again sometime :bye:

:closed:

Re: relevantknowledge

Posted: 10 Feb 2013 09:39
by Márty84
Since a colleague pointed out one more discrepancy to me, please run a scan with TDSSKiller and aswMBR once more. It's possible that the pest will come back from a backup :roll:

Re: relevantknowledge

Posted: 10 Feb 2013 11:34
by stroupek
Here are the resulting logs:
TDSSKiller:

11:28:20.0828 3852 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:28:21.0093 3852 ============================================================
11:28:21.0093 3852 Current date / time: 2013/02/10 11:28:21.0093
11:28:21.0093 3852 SystemInfo:
11:28:21.0093 3852
11:28:21.0093 3852 OS Version: 5.1.2600 ServicePack: 3.0
11:28:21.0093 3852 Product type: Workstation
11:28:21.0093 3852 ComputerName: LIBOR-PC
11:28:21.0093 3852 UserName: Libor
11:28:21.0093 3852 Windows directory: C:\WINDOWS
11:28:21.0093 3852 System windows directory: C:\WINDOWS
11:28:21.0093 3852 Processor architecture: Intel x86
11:28:21.0093 3852 Number of processors: 2
11:28:21.0093 3852 Page size: 0x1000
11:28:21.0093 3852 Boot type: Normal boot
11:28:21.0093 3852 ============================================================
11:28:21.0984 3852 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:28:22.0140 3852 ============================================================
11:28:22.0140 3852 \Device\Harddisk0\DR0:
11:28:22.0140 3852 MBR partitions:
11:28:22.0140 3852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
11:28:22.0140 3852 ============================================================
11:28:22.0218 3852 C: <-> \Device\Harddisk0\DR0\Partition1
11:28:22.0218 3852 ============================================================
11:28:22.0218 3852 Initialize success
11:28:22.0218 3852 ============================================================
11:28:26.0593 3140 ============================================================
11:28:26.0593 3140 Scan started
11:28:26.0593 3140 Mode: Manual; SigCheck; TDLFS;
11:28:26.0593 3140 ============================================================
11:28:27.0234 3140 ================ Scan system memory ========================
11:28:27.0234 3140 System memory - ok
11:28:27.0234 3140 ================ Scan services =============================
11:28:27.0343 3140 [ 8D488938E2F7048906F1FBD3AF394887 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
11:28:27.0453 3140 Aavmker4 - ok
11:28:27.0468 3140 Abiosdsk - ok
11:28:27.0468 3140 abp480n5 - ok
11:28:27.0500 3140 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:28:28.0296 3140 ACPI - ok
11:28:28.0328 3140 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:28:28.0406 3140 ACPIEC - ok
11:28:28.0406 3140 adpu160m - ok
11:28:28.0437 3140 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:28:28.0484 3140 aec - ok
11:28:28.0531 3140 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:28:28.0578 3140 AFD - ok
11:28:28.0578 3140 Aha154x - ok
11:28:28.0578 3140 aic78u2 - ok
11:28:28.0593 3140 aic78xx - ok
11:28:28.0609 3140 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:28:28.0703 3140 Alerter - ok
11:28:28.0734 3140 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
11:28:28.0765 3140 ALG - ok
11:28:28.0781 3140 AliIde - ok
11:28:28.0828 3140 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
11:28:28.0890 3140 Ambfilt - ok
11:28:28.0906 3140 amsint - ok
11:28:28.0968 3140 [ E592751036C1D0A74EC3E57302A03745 ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
11:28:28.0968 3140 AppleCharger - ok
11:28:28.0984 3140 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
11:28:28.0984 3140 AppleChargerSrv - ok
11:28:29.0000 3140 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:28:29.0046 3140 AppMgmt - ok
11:28:29.0046 3140 asc - ok
11:28:29.0062 3140 asc3350p - ok
11:28:29.0062 3140 asc3550 - ok
11:28:29.0109 3140 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:28:29.0125 3140 aspnet_state - ok
11:28:29.0140 3140 [ A0D86B8AC93EF95620420C7A24AC5344 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
11:28:29.0156 3140 aswFsBlk - ok
11:28:29.0156 3140 [ 7D880C76A285A41284D862E2D798EC0D ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
11:28:29.0156 3140 aswMon2 - ok
11:28:29.0171 3140 [ 69823954BBD461A73D69774928C9737E ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
11:28:29.0171 3140 aswRdr - ok
11:28:29.0187 3140 [ 81F10376AF5F0F466F03CB2C5321B7ED ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
11:28:29.0218 3140 aswSnx - ok
11:28:29.0250 3140 [ 7ECC2776638B04553F9A85BD684C3ABF ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:28:29.0265 3140 aswSP - ok
11:28:29.0265 3140 [ 095ED820A926AA8189180B305E1BCFC9 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
11:28:29.0281 3140 aswTdi - ok
11:28:29.0296 3140 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:28:29.0359 3140 AsyncMac - ok
11:28:29.0406 3140 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:28:29.0468 3140 atapi - ok
11:28:29.0484 3140 Atdisk - ok
11:28:29.0484 3140 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:28:29.0531 3140 Atmarpc - ok
11:28:29.0562 3140 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:28:29.0625 3140 AudioSrv - ok
11:28:29.0671 3140 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:28:29.0718 3140 audstub - ok
11:28:29.0796 3140 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:28:29.0812 3140 avast! Antivirus - ok
11:28:29.0812 3140 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:28:29.0828 3140 avast! Mail Scanner - ok
11:28:29.0828 3140 [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:28:29.0828 3140 avast! Web Scanner - ok
11:28:29.0875 3140 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:28:29.0937 3140 Beep - ok
11:28:29.0968 3140 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
11:28:30.0078 3140 BITS - ok
11:28:30.0109 3140 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
11:28:30.0140 3140 Browser - ok
11:28:30.0171 3140 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:28:30.0234 3140 cbidf2k - ok
11:28:30.0234 3140 cd20xrnt - ok
11:28:30.0250 3140 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:28:30.0328 3140 Cdaudio - ok
11:28:30.0359 3140 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:28:30.0421 3140 Cdfs - ok
11:28:30.0437 3140 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:28:30.0500 3140 Cdrom - ok
11:28:30.0500 3140 Changer - ok
11:28:30.0531 3140 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:28:30.0593 3140 CiSvc - ok
11:28:30.0593 3140 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:28:30.0656 3140 ClipSrv - ok
11:28:30.0671 3140 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:28:30.0687 3140 clr_optimization_v2.0.50727_32 - ok
11:28:30.0687 3140 CmdIde - ok
11:28:30.0687 3140 COMSysApp - ok
11:28:30.0703 3140 Cpqarray - ok
11:28:30.0718 3140 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:28:30.0796 3140 CryptSvc - ok
11:28:30.0796 3140 dac2w2k - ok
11:28:30.0796 3140 dac960nt - ok
11:28:30.0843 3140 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:28:30.0875 3140 DcomLaunch - ok
11:28:30.0906 3140 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:28:30.0968 3140 Dhcp - ok
11:28:30.0984 3140 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:28:31.0046 3140 Disk - ok
11:28:31.0046 3140 dmadmin - ok
11:28:31.0093 3140 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:28:31.0171 3140 dmboot - ok
11:28:31.0171 3140 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:28:31.0250 3140 dmio - ok
11:28:31.0265 3140 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:28:31.0312 3140 dmload - ok
11:28:31.0328 3140 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:28:31.0390 3140 dmserver - ok
11:28:31.0421 3140 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:28:31.0500 3140 DMusic - ok
11:28:31.0531 3140 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:28:31.0562 3140 Dnscache - ok
11:28:31.0578 3140 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:28:31.0640 3140 Dot3svc - ok
11:28:31.0640 3140 dpti2o - ok
11:28:31.0687 3140 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:28:31.0734 3140 drmkaud - ok
11:28:31.0781 3140 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
11:28:31.0796 3140 dtsoftbus01 - ok
11:28:31.0828 3140 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:28:31.0875 3140 EapHost - ok
11:28:31.0890 3140 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:28:31.0953 3140 ERSvc - ok
11:28:31.0953 3140 esgiguard - ok
11:28:32.0000 3140 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
11:28:32.0031 3140 Eventlog - ok
11:28:32.0062 3140 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
11:28:32.0093 3140 EventSystem - ok
11:28:32.0125 3140 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:28:32.0203 3140 Fastfat - ok
11:28:32.0234 3140 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:28:32.0265 3140 FastUserSwitchingCompatibility - ok
11:28:32.0281 3140 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:28:32.0343 3140 Fdc - ok
11:28:32.0343 3140 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:28:32.0406 3140 Fips - ok
11:28:32.0406 3140 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:28:32.0453 3140 Flpydisk - ok
11:28:32.0500 3140 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:28:32.0562 3140 FltMgr - ok
11:28:32.0625 3140 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:28:32.0625 3140 FontCache3.0.0.0 - ok
11:28:32.0640 3140 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:28:32.0703 3140 Fs_Rec - ok
11:28:32.0718 3140 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:28:32.0781 3140 Ftdisk - ok
11:28:32.0781 3140 gdrv - ok
11:28:32.0812 3140 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:28:32.0875 3140 Gpc - ok
11:28:32.0890 3140 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
11:28:32.0906 3140 hamachi - ok
11:28:32.0984 3140 [ 616399E27A55C97AE859230EB13984D8 ] Hamachi2Svc C:\Programy\LogMeIn Hamachi\hamachi-2.exe
11:28:33.0046 3140 Hamachi2Svc - ok
11:28:33.0109 3140 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:28:33.0171 3140 HDAudBus - ok
11:28:33.0218 3140 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:28:33.0296 3140 helpsvc - ok
11:28:33.0296 3140 HidServ - ok
11:28:33.0328 3140 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:28:33.0375 3140 hidusb - ok
11:28:33.0406 3140 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:28:33.0484 3140 hkmsvc - ok
11:28:33.0484 3140 hpn - ok
11:28:33.0515 3140 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:28:33.0531 3140 HTTP - ok
11:28:33.0546 3140 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:28:33.0609 3140 HTTPFilter - ok
11:28:33.0609 3140 i2omgmt - ok
11:28:33.0609 3140 i2omp - ok
11:28:33.0640 3140 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:28:33.0718 3140 i8042prt - ok
11:28:33.0812 3140 [ A4978E73E18AED6F6765854BA27D674B ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:28:33.0968 3140 ialm - ok
11:28:34.0031 3140 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:28:34.0078 3140 idsvc - ok
11:28:34.0109 3140 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:28:34.0187 3140 Imapi - ok
11:28:34.0203 3140 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:28:34.0281 3140 ImapiService - ok
11:28:34.0281 3140 ini910u - ok
11:28:34.0484 3140 [ 791A119641F14706E6687741775AE1AA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:28:34.0843 3140 IntcAzAudAddService - ok
11:28:34.0906 3140 [ 28B3162EC8D01114313D7F447D8E157E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:28:34.0921 3140 Intel(R) Capability Licensing Service Interface - ok
11:28:34.0921 3140 IntelIde - ok
11:28:34.0953 3140 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:28:35.0015 3140 intelppm - ok
11:28:35.0031 3140 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:28:35.0109 3140 Ip6Fw - ok
11:28:35.0109 3140 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:28:46.0109 3140 ================ Scan global ===============================
11:28:46.0140 3140 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
11:28:46.0187 3140 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:28:46.0203 3140 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:28:46.0203 3140 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
11:28:46.0218 3140 [Global] - ok
11:28:46.0218 3140 ================ Scan MBR ==================================
11:28:46.0234 3140 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:28:46.0656 3140 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:28:46.0656 3140 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:28:46.0656 3140 ================ Scan VBR ==================================
11:28:46.0656 3140 [ 73C1C854615390FC71854F0B566DA2DD ] \Device\Harddisk0\DR0\Partition1
11:28:46.0656 3140 \Device\Harddisk0\DR0\Partition1 - ok
11:28:46.0656 3140 ============================================================
11:28:46.0656 3140 Scan finished
11:28:46.0656 3140 ============================================================
11:28:46.0796 3564 Detected object count: 1
11:28:46.0796 3564 Actual detected object count: 1
11:29:07.0609 3564 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:29:07.0609 3564 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:29:12.0406 0156 Deinitialize success

AswMBR:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-10 11:29:19
-----------------------------
11:29:19.593 OS Version: Windows 5.1.2600 Service Pack 3
11:29:19.593 Number of processors: 2 586 0x2A07
11:29:19.593 ComputerName: LIBOR-PC UserName: Libor
11:29:19.953 Initialize success
11:29:21.687 AVAST engine defs: 13021000
11:29:27.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:29:27.000 Disk 0 Vendor: ST380819AS 3.02 Size: 76319MB BusType: 3
11:29:27.015 Disk 0 MBR read successfully
11:29:27.015 Disk 0 MBR scan
11:29:27.062 Disk 0 Windows XP default MBR code
11:29:27.078 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
11:29:27.078 Disk 0 scanning sectors +156280320
11:29:27.140 Disk 0 scanning C:\WINDOWS\system32\drivers
11:29:34.640 Service scanning
11:29:43.140 Modules scanning
11:29:46.562 Disk 0 trace - called modules:
11:29:46.578 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:29:46.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b24ab8]
11:29:46.593 3 CLASSPNP.SYS[b98e8fd7] -> nt!IofCallDriver -> \Device\0000006a[0x89b01260]
11:29:46.593 5 ACPI.sys[b977f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89b35d98]
11:29:46.781 AVAST engine scan C:\WINDOWS
11:29:49.203 AVAST engine scan C:\WINDOWS\system32
11:30:51.343 AVAST engine scan C:\WINDOWS\system32\drivers
11:30:56.765 AVAST engine scan C:\Documents and Settings\Libor
11:31:24.828 AVAST engine scan C:\Documents and Settings\All Users
11:31:28.734 Scan finished successfully
11:31:36.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Libor\Plocha\MBR.dat"
11:31:36.625 The log file has been saved successfully to "C:\Documents and Settings\Libor\Plocha\aswMBR.txt"

Re: relevantknowledge

Posted: 10 Feb 2013 14:08
by Márty84
Excellent. It's fine. So, third time, and this time for the last time

Repeat these steps

vyosek wrote:
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click the CleanUp label and then OK - after the cleanup the PC will restart.


And now that really will be everything, unless some problem turns up :)

Re: relevantknowledge

Posted: 10 Feb 2013 18:52
by stroupek
Everything went without problems. Thanks once again :)

Re: relevantknowledge

Posted: 10 Feb 2013 19:27
by Márty84
Once again, you're welcome :wink:

And now for good :James008:

:closed: