
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Please check my log
18:45:09.0312 1748 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
18:45:09.0609 1748 ============================================================
18:45:09.0609 1748 Current date / time: 2012/05/17 18:45:09.0609
18:45:09.0609 1748 SystemInfo:
18:45:09.0609 1748
18:45:09.0609 1748 OS Version: 5.1.2600 ServicePack: 3.0
18:45:09.0609 1748 Product type: Workstation
18:45:09.0609 1748 ComputerName: ANDREJ-PC
18:45:09.0609 1748 UserName: Andrej
18:45:09.0609 1748 Windows directory: C:\WINDOWS
18:45:09.0609 1748 System windows directory: C:\WINDOWS
18:45:09.0609 1748 Processor architecture: Intel x86
18:45:09.0609 1748 Number of processors: 1
18:45:09.0609 1748 Page size: 0x1000
18:45:09.0609 1748 Boot type: Normal boot
18:45:09.0609 1748 ============================================================
18:45:14.0937 1748 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:45:15.0015 1748 ============================================================
18:45:15.0015 1748 \Device\Harddisk0\DR0:
18:45:15.0015 1748 MBR partitions:
18:45:15.0015 1748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
18:45:15.0015 1748 ============================================================
18:45:15.0031 1748 C: <-> \Device\Harddisk0\DR0\Partition0
18:45:15.0031 1748 ============================================================
18:45:15.0031 1748 Initialize success
18:45:15.0031 1748 ============================================================
18:45:19.0281 3496 ============================================================
18:45:19.0281 3496 Scan started
18:45:19.0281 3496 Mode: Manual;
18:45:19.0281 3496 ============================================================
18:45:19.0921 3496 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
18:45:19.0937 3496 Aavmker4 - ok
18:45:20.0000 3496 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:45:20.0015 3496 ACPI - ok
18:45:20.0062 3496 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:45:20.0078 3496 ACPIEC - ok
18:45:20.0171 3496 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:45:20.0187 3496 AdobeFlashPlayerUpdateSvc - ok
18:45:20.0234 3496 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
18:45:20.0234 3496 aeaudio - ok
18:45:20.0250 3496 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:45:20.0265 3496 aec - ok
18:45:20.0296 3496 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:45:20.0312 3496 AFD - ok
18:45:20.0343 3496 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
18:45:20.0375 3496 Alerter - ok
18:45:20.0421 3496 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
18:45:20.0437 3496 ALG - ok
18:45:20.0484 3496 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
18:45:20.0484 3496 AliIde - ok
18:45:20.0562 3496 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
18:45:20.0578 3496 AmdPPM - ok
18:45:20.0656 3496 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:45:20.0687 3496 Apple Mobile Device - ok
18:45:20.0750 3496 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
18:45:20.0781 3496 AppMgmt - ok
18:45:21.0031 3496 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:45:21.0093 3496 aspnet_state - ok
18:45:21.0218 3496 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:45:21.0234 3496 aswFsBlk - ok
18:45:21.0296 3496 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
18:45:21.0312 3496 aswMon2 - ok
18:45:21.0421 3496 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
18:45:21.0437 3496 aswRdr - ok
18:45:21.0640 3496 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
18:45:22.0078 3496 aswSnx - ok
18:45:22.0140 3496 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
18:45:22.0156 3496 aswSP - ok
18:45:22.0203 3496 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
18:45:22.0203 3496 aswTdi - ok
18:45:22.0250 3496 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:45:22.0281 3496 AsyncMac - ok
18:45:22.0312 3496 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:45:22.0312 3496 atapi - ok
18:45:22.0390 3496 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
18:45:22.0421 3496 Ati HotKey Poller - ok
18:45:22.0546 3496 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
18:45:22.0562 3496 ATI Smart - ok
18:45:22.0625 3496 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:45:22.0640 3496 ati2mtag - ok
18:45:22.0687 3496 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:45:22.0703 3496 Atmarpc - ok
18:45:22.0750 3496 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
18:45:22.0765 3496 AudioSrv - ok
18:45:22.0828 3496 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:45:22.0828 3496 audstub - ok
18:45:22.0906 3496 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:45:22.0921 3496 avast! Antivirus - ok
18:45:22.0953 3496 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:45:22.0953 3496 Beep - ok
18:45:23.0000 3496 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
18:45:23.0046 3496 BITS - ok
18:45:23.0171 3496 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:45:23.0187 3496 Bonjour Service - ok
18:45:23.0218 3496 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
18:45:23.0218 3496 Browser - ok
18:45:23.0250 3496 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:45:23.0265 3496 cbidf2k - ok
18:45:23.0296 3496 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:45:23.0343 3496 Cdaudio - ok
18:45:23.0390 3496 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:45:23.0390 3496 Cdfs - ok
18:45:23.0437 3496 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:45:23.0453 3496 Cdrom - ok
18:45:23.0484 3496 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
18:45:23.0484 3496 CiSvc - ok
18:45:23.0515 3496 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
18:45:23.0546 3496 ClipSrv - ok
18:45:23.0640 3496 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:45:23.0671 3496 clr_optimization_v2.0.50727_32 - ok
18:45:23.0718 3496 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:45:23.0734 3496 clr_optimization_v4.0.30319_32 - ok
18:45:23.0765 3496 COMSysApp - ok
18:45:23.0812 3496 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
18:45:23.0828 3496 CryptSvc - ok
18:45:23.0843 3496 dac2w2k - ok
18:45:23.0890 3496 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
18:45:23.0906 3496 DcomLaunch - ok
18:45:23.0953 3496 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
18:45:23.0968 3496 Dhcp - ok
18:45:24.0000 3496 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:45:24.0000 3496 Disk - ok
18:45:24.0015 3496 dmadmin - ok
18:45:24.0078 3496 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
18:45:24.0125 3496 dmboot - ok
18:45:24.0171 3496 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
18:45:24.0187 3496 dmio - ok
18:45:24.0203 3496 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:45:24.0203 3496 dmload - ok
18:45:24.0234 3496 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
18:45:24.0234 3496 dmserver - ok
18:45:24.0281 3496 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:45:24.0281 3496 DMusic - ok
18:45:24.0312 3496 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
18:45:24.0328 3496 Dnscache - ok
18:45:24.0375 3496 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
18:45:24.0375 3496 Dot3svc - ok
18:45:24.0390 3496 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:45:24.0390 3496 drmkaud - ok
18:45:24.0406 3496 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
18:45:24.0421 3496 EapHost - ok
18:45:24.0421 3496 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
18:45:24.0453 3496 ERSvc - ok
18:45:24.0546 3496 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
18:45:24.0562 3496 Eventlog - ok
18:45:24.0609 3496 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
18:45:24.0625 3496 EventSystem - ok
18:45:24.0671 3496 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:45:24.0671 3496 Fastfat - ok
18:45:24.0718 3496 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:45:24.0734 3496 FastUserSwitchingCompatibility - ok
18:45:24.0765 3496 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:45:24.0781 3496 Fdc - ok
18:45:24.0828 3496 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
18:45:24.0828 3496 Fips - ok
18:45:24.0843 3496 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:45:24.0859 3496 Flpydisk - ok
18:45:24.0906 3496 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:45:24.0906 3496 FltMgr - ok
18:45:24.0984 3496 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:45:24.0984 3496 FontCache3.0.0.0 - ok
18:45:25.0015 3496 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:45:25.0015 3496 Fs_Rec - ok
18:45:25.0046 3496 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:45:25.0046 3496 Ftdisk - ok
18:45:25.0093 3496 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:45:25.0109 3496 GEARAspiWDM - ok
18:45:25.0125 3496 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:45:25.0156 3496 Gpc - ok
18:45:25.0203 3496 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:45:25.0218 3496 helpsvc - ok
18:45:25.0250 3496 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
18:45:25.0265 3496 HidServ - ok
18:45:25.0296 3496 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:45:25.0312 3496 hidusb - ok
18:45:25.0343 3496 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
18:45:25.0359 3496 hkmsvc - ok
18:45:25.0406 3496 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:45:25.0421 3496 HTTP - ok
18:45:25.0437 3496 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
18:45:25.0515 3496 HTTPFilter - ok
18:45:25.0546 3496 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
18:45:25.0562 3496 i8042prt - ok
18:45:25.0640 3496 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:45:25.0640 3496 IDriverT - ok
18:45:25.0734 3496 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:45:25.0796 3496 idsvc - ok
18:45:25.0843 3496 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:45:25.0859 3496 Imapi - ok
18:45:25.0890 3496 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
18:45:25.0906 3496 ImapiService - ok
18:45:25.0937 3496 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:45:25.0953 3496 Ip6Fw - ok
18:45:25.0984 3496 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:45:26.0000 3496 IpFilterDriver - ok
18:45:26.0000 3496 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:45:26.0015 3496 IpInIp - ok
18:45:26.0046 3496 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:45:26.0046 3496 IpNat - ok
18:45:26.0203 3496 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
18:45:26.0234 3496 iPod Service - ok
18:45:26.0265 3496 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:45:26.0281 3496 IPSec - ok
18:45:26.0312 3496 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:45:26.0328 3496 IRENUM - ok
18:45:26.0375 3496 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:45:26.0390 3496 isapnp - ok
18:45:26.0453 3496 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
18:45:26.0468 3496 JavaQuickStarterService - ok
18:45:26.0531 3496 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:45:26.0562 3496 Kbdclass - ok
18:45:26.0562 3496 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:45:26.0578 3496 kbdhid - ok
18:45:26.0640 3496 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:45:26.0640 3496 kmixer - ok
18:45:26.0656 3496 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:45:26.0671 3496 KSecDD - ok
18:45:26.0718 3496 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
18:45:26.0750 3496 LanmanServer - ok
18:45:26.0796 3496 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
18:45:26.0812 3496 lanmanworkstation - ok
18:45:26.0859 3496 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
18:45:26.0875 3496 LmHosts - ok
18:45:26.0890 3496 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
18:45:26.0906 3496 m5289 - ok
18:45:26.0968 3496 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
18:45:26.0984 3496 McAfee SiteAdvisor Service - ok
18:45:27.0328 3496 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
18:45:27.0343 3496 McComponentHostService - ok
18:45:27.0390 3496 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
18:45:27.0390 3496 Messenger - ok
18:45:27.0437 3496 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:45:27.0437 3496 mnmdd - ok
18:45:27.0500 3496 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
18:45:27.0515 3496 mnmsrvc - ok
18:45:27.0562 3496 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
18:45:27.0593 3496 Modem - ok
18:45:27.0609 3496 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:45:27.0625 3496 Mouclass - ok
18:45:27.0640 3496 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:45:27.0656 3496 mouhid - ok
18:45:27.0671 3496 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:45:27.0687 3496 MountMgr - ok
18:45:27.0703 3496 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:45:27.0718 3496 MRxDAV - ok
18:45:27.0750 3496 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:45:27.0796 3496 MRxSmb - ok
18:45:27.0843 3496 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
18:45:27.0843 3496 MSDTC - ok
18:45:27.0859 3496 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:45:27.0875 3496 Msfs - ok
18:45:27.0890 3496 MSIServer - ok
18:45:27.0921 3496 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:45:27.0921 3496 MSKSSRV - ok
18:45:27.0937 3496 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:45:27.0937 3496 MSPCLOCK - ok
18:45:27.0953 3496 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:45:27.0953 3496 MSPQM - ok
18:45:27.0984 3496 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:45:28.0000 3496 mssmbios - ok
18:45:28.0031 3496 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:45:28.0046 3496 Mup - ok
18:45:28.0078 3496 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
18:45:28.0093 3496 napagent - ok
18:45:28.0234 3496 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
18:45:28.0250 3496 NAUpdate - ok
18:45:28.0312 3496 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:45:28.0343 3496 NBService - ok
18:45:28.0421 3496 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:45:28.0437 3496 NDIS - ok
18:45:28.0484 3496 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:45:28.0500 3496 NdisTapi - ok
18:45:28.0515 3496 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:45:28.0546 3496 Ndisuio - ok
18:45:28.0546 3496 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:45:28.0562 3496 NdisWan - ok
18:45:28.0593 3496 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:45:28.0609 3496 NDProxy - ok
18:45:28.0640 3496 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:45:28.0656 3496 NetBIOS - ok
18:45:28.0671 3496 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:45:28.0687 3496 NetBT - ok
18:45:28.0734 3496 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
18:45:28.0734 3496 NetDDE - ok
18:45:28.0750 3496 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
18:45:28.0750 3496 NetDDEdsdm - ok
18:45:28.0796 3496 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:45:28.0796 3496 Netlogon - ok
18:45:28.0828 3496 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
18:45:28.0843 3496 Netman - ok
18:45:28.0937 3496 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:45:28.0937 3496 NetTcpPortSharing - ok
18:45:28.0968 3496 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
18:45:28.0984 3496 Nla - ok
18:45:29.0078 3496 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:45:29.0109 3496 NMIndexingService - ok
18:45:29.0125 3496 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:45:29.0140 3496 Npfs - ok
18:45:29.0187 3496 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:45:29.0218 3496 Ntfs - ok
18:45:29.0250 3496 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:45:29.0265 3496 NtLmSsp - ok
18:45:29.0312 3496 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
18:45:29.0328 3496 NtmsSvc - ok
18:45:29.0359 3496 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:45:29.0359 3496 Null - ok
18:45:29.0390 3496 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:45:29.0421 3496 NwlnkFlt - ok
18:45:29.0437 3496 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:45:29.0437 3496 NwlnkFwd - ok
18:45:29.0593 3496 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:45:29.0609 3496 odserv - ok
18:45:29.0687 3496 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
18:45:29.0703 3496 OMSI download service - ok
18:45:29.0718 3496 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:45:29.0734 3496 ose - ok
18:45:29.0765 3496 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
18:45:29.0781 3496 Parport - ok
18:45:29.0812 3496 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:45:29.0828 3496 PartMgr - ok
18:45:29.0875 3496 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
18:45:29.0875 3496 ParVdm - ok
18:45:29.0906 3496 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
18:45:29.0906 3496 PCI - ok
18:45:29.0937 3496 PCIDump - ok
18:45:29.0984 3496 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:45:29.0984 3496 Pcmcia - ok
18:45:30.0125 3496 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
18:45:30.0125 3496 PlugPlay - ok
18:45:30.0171 3496 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:45:30.0171 3496 PolicyAgent - ok
18:45:30.0234 3496 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:45:30.0265 3496 PptpMiniport - ok
18:45:30.0281 3496 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
18:45:30.0312 3496 Processor - ok
18:45:30.0328 3496 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:45:30.0328 3496 ProtectedStorage - ok
18:45:30.0406 3496 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:45:30.0437 3496 PSched - ok
18:45:30.0468 3496 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:45:30.0468 3496 Ptilink - ok
18:45:30.0593 3496 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:45:30.0609 3496 PxHelp20 - ok
18:45:30.0640 3496 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:45:30.0656 3496 RasAcd - ok
18:45:30.0796 3496 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
18:45:30.0828 3496 RasAuto - ok
18:45:30.0921 3496 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:45:30.0953 3496 Rasl2tp - ok
18:45:31.0109 3496 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
18:45:31.0250 3496 RasMan - ok
18:45:31.0250 3496 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:45:31.0328 3496 RasPppoe - ok
18:45:31.0328 3496 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:45:31.0359 3496 Raspti - ok
18:45:31.0421 3496 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:45:31.0515 3496 Rdbss - ok
18:45:31.0515 3496 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:45:31.0515 3496 RDPCDD - ok
18:45:31.0640 3496 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:45:31.0656 3496 rdpdr - ok
18:45:31.0750 3496 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:45:31.0812 3496 RDPWD - ok
18:45:31.0921 3496 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
18:45:31.0984 3496 RDSessMgr - ok
18:45:32.0062 3496 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:45:32.0093 3496 redbook - ok
18:45:32.0125 3496 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
18:45:32.0156 3496 RemoteAccess - ok
18:45:32.0187 3496 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
18:45:32.0218 3496 RemoteRegistry - ok
18:45:32.0234 3496 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
18:45:32.0250 3496 RpcLocator - ok
18:45:32.0296 3496 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
18:45:32.0312 3496 RpcSs - ok
18:45:32.0343 3496 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
18:45:32.0359 3496 RSVP - ok
18:45:32.0375 3496 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:45:32.0390 3496 SamSs - ok
18:45:32.0406 3496 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
18:45:32.0421 3496 SCardSvr - ok
18:45:32.0718 3496 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
18:45:33.0234 3496 Schedule - ok
18:45:33.0390 3496 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:45:33.0421 3496 Secdrv - ok
18:45:33.0453 3496 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
18:45:33.0500 3496 seclogon - ok
18:45:33.0562 3496 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
18:45:33.0656 3496 seehcri - ok
18:45:33.0734 3496 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
18:45:33.0781 3496 SENS - ok
18:45:33.0906 3496 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:45:33.0921 3496 serenum - ok
18:45:34.0093 3496 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
18:45:34.0125 3496 Serial - ok
18:45:34.0250 3496 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:45:34.0281 3496 Sfloppy - ok
18:45:34.0625 3496 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
18:45:34.0703 3496 SharedAccess - ok
18:45:34.0796 3496 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:45:34.0890 3496 ShellHWDetection - ok
18:45:35.0203 3496 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
18:45:35.0234 3496 smwdm - ok
18:45:35.0328 3496 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
18:45:35.0328 3496 SoundMAX Agent Service (default) - ok
18:45:35.0375 3496 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:45:35.0375 3496 splitter - ok
18:45:35.0453 3496 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:45:35.0546 3496 Spooler - ok
18:45:35.0609 3496 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
18:45:35.0640 3496 sr - ok
18:45:35.0703 3496 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
18:45:35.0812 3496 srservice - ok
18:45:35.0921 3496 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:45:35.0953 3496 Srv - ok
18:45:36.0000 3496 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
18:45:36.0062 3496 SSDPSRV - ok
18:45:36.0125 3496 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
18:45:36.0187 3496 stisvc - ok
18:45:36.0218 3496 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:45:36.0250 3496 swenum - ok
18:45:36.0328 3496 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:45:36.0328 3496 swmidi - ok
18:45:36.0343 3496 SwPrv - ok
18:45:36.0406 3496 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:45:36.0437 3496 sysaudio - ok
18:45:36.0515 3496 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
18:45:36.0578 3496 SysmonLog - ok
18:45:36.0734 3496 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
18:45:36.0921 3496 TapiSrv - ok
18:45:37.0109 3496 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:45:37.0125 3496 Tcpip - ok
18:45:37.0171 3496 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:45:37.0171 3496 TDPIPE - ok
18:45:37.0234 3496 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:45:37.0234 3496 TDTCP - ok
18:45:37.0312 3496 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:45:37.0328 3496 TermDD - ok
18:45:37.0468 3496 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
18:45:37.0578 3496 TermService - ok
18:45:37.0671 3496 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:45:37.0765 3496 Themes - ok
18:45:37.0828 3496 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
18:45:37.0953 3496 TlntSvr - ok
18:45:38.0062 3496 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
18:45:38.0156 3496 TrkWks - ok
18:45:38.0281 3496 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:45:38.0296 3496 Udfs - ok
18:45:38.0343 3496 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
18:45:38.0343 3496 ULI5261 - ok
18:45:38.0390 3496 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
18:45:38.0421 3496 uliagpkx - ok
18:45:38.0562 3496 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:45:38.0593 3496 Update - ok
18:45:38.0687 3496 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
18:45:38.0734 3496 upnphost - ok
18:45:38.0750 3496 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
18:45:38.0781 3496 UPS - ok
18:45:38.0843 3496 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:45:38.0859 3496 usbccgp - ok
18:45:38.0906 3496 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:45:38.0906 3496 usbehci - ok
18:45:38.0937 3496 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:45:38.0968 3496 usbhub - ok
18:45:38.0984 3496 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:45:38.0984 3496 usbohci - ok
18:45:39.0031 3496 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:45:39.0046 3496 usbprint - ok
18:45:39.0093 3496 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:45:39.0093 3496 usbscan - ok
18:45:39.0125 3496 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
18:45:39.0125 3496 usbser - ok
18:45:39.0140 3496 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:45:39.0156 3496 USBSTOR - ok
18:45:39.0171 3496 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:45:39.0187 3496 VgaSave - ok
18:45:39.0218 3496 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
18:45:39.0234 3496 VolSnap - ok
18:45:39.0281 3496 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
18:45:39.0296 3496 VSS - ok
18:45:39.0328 3496 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
18:45:39.0343 3496 W32Time - ok
18:45:39.0375 3496 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:45:39.0390 3496 Wanarp - ok
18:45:39.0437 3496 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:45:39.0437 3496 wdmaud - ok
18:45:39.0515 3496 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
18:45:39.0531 3496 WebClient - ok
18:45:39.0625 3496 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:45:39.0656 3496 winmgmt - ok
18:45:39.0734 3496 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
18:45:39.0843 3496 WinRM - ok
18:45:39.0937 3496 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:45:39.0953 3496 WmdmPmSN - ok
18:45:40.0015 3496 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
18:45:40.0031 3496 Wmi - ok
18:45:40.0093 3496 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:45:40.0109 3496 WmiApSrv - ok
18:45:40.0203 3496 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:45:40.0218 3496 WMPNetworkSvc - ok
18:45:40.0281 3496 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:45:40.0281 3496 WpdUsb - ok
18:45:40.0453 3496 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:45:40.0578 3496 WPFFontCache_v0400 - ok
18:45:40.0718 3496 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:45:40.0718 3496 WS2IFSL - ok
18:45:40.0765 3496 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
18:45:40.0796 3496 wscsvc - ok
18:45:40.0812 3496 WSearch - ok
18:45:40.0890 3496 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
18:45:40.0890 3496 wuauserv - ok
18:45:40.0921 3496 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:45:40.0937 3496 WudfPf - ok
18:45:40.0968 3496 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:45:40.0984 3496 WudfRd - ok
18:45:41.0015 3496 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:45:41.0046 3496 WudfSvc - ok
18:45:41.0078 3496 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
18:45:41.0093 3496 WZCSVC - ok
18:45:41.0140 3496 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
18:45:41.0156 3496 xmlprov - ok
18:45:41.0171 3496 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:45:41.0562 3496 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
18:45:41.0562 3496 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
18:45:41.0578 3496 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
18:45:41.0578 3496 \Device\Harddisk0\DR0\Partition0 - ok
18:45:41.0578 3496 ============================================================
18:45:41.0578 3496 Scan finished
18:45:41.0578 3496 ============================================================
18:45:41.0593 1288 Detected object count: 1
18:45:41.0593 1288 Actual detected object count: 1
18:46:00.0484 1288 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
18:46:00.0484 1288 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
18:45:38.0296 3496 Udfs - ok
18:45:38.0343 3496 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
18:45:38.0343 3496 ULI5261 - ok
18:45:38.0390 3496 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
18:45:38.0421 3496 uliagpkx - ok
18:45:38.0562 3496 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:45:38.0593 3496 Update - ok
18:45:38.0687 3496 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
18:45:38.0734 3496 upnphost - ok
18:45:38.0750 3496 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
18:45:38.0781 3496 UPS - ok
18:45:38.0843 3496 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:45:38.0859 3496 usbccgp - ok
18:45:38.0906 3496 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:45:38.0906 3496 usbehci - ok
18:45:38.0937 3496 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:45:38.0968 3496 usbhub - ok
18:45:38.0984 3496 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:45:38.0984 3496 usbohci - ok
18:45:39.0031 3496 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:45:39.0046 3496 usbprint - ok
18:45:39.0093 3496 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:45:39.0093 3496 usbscan - ok
18:45:39.0125 3496 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
18:45:39.0125 3496 usbser - ok
18:45:39.0140 3496 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:45:39.0156 3496 USBSTOR - ok
18:45:39.0171 3496 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:45:39.0187 3496 VgaSave - ok
18:45:39.0218 3496 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
18:45:39.0234 3496 VolSnap - ok
18:45:39.0281 3496 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
18:45:39.0296 3496 VSS - ok
18:45:39.0328 3496 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
18:45:39.0343 3496 W32Time - ok
18:45:39.0375 3496 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:45:39.0390 3496 Wanarp - ok
18:45:39.0437 3496 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:45:39.0437 3496 wdmaud - ok
18:45:39.0515 3496 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
18:45:39.0531 3496 WebClient - ok
18:45:39.0625 3496 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:45:39.0656 3496 winmgmt - ok
18:45:39.0734 3496 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
18:45:39.0843 3496 WinRM - ok
18:45:39.0937 3496 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:45:39.0953 3496 WmdmPmSN - ok
18:45:40.0015 3496 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
18:45:40.0031 3496 Wmi - ok
18:45:40.0093 3496 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:45:40.0109 3496 WmiApSrv - ok
18:45:40.0203 3496 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:45:40.0218 3496 WMPNetworkSvc - ok
18:45:40.0281 3496 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:45:40.0281 3496 WpdUsb - ok
18:45:40.0453 3496 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:45:40.0578 3496 WPFFontCache_v0400 - ok
18:45:40.0718 3496 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:45:40.0718 3496 WS2IFSL - ok
18:45:40.0765 3496 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
18:45:40.0796 3496 wscsvc - ok
18:45:40.0812 3496 WSearch - ok
18:45:40.0890 3496 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
18:45:40.0890 3496 wuauserv - ok
18:45:40.0921 3496 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:45:40.0937 3496 WudfPf - ok
18:45:40.0968 3496 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:45:40.0984 3496 WudfRd - ok
18:45:41.0015 3496 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:45:41.0046 3496 WudfSvc - ok
18:45:41.0078 3496 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
18:45:41.0093 3496 WZCSVC - ok
18:45:41.0140 3496 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
18:45:41.0156 3496 xmlprov - ok
18:45:41.0171 3496 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:45:41.0562 3496 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
18:45:41.0562 3496 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
18:45:41.0578 3496 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
18:45:41.0578 3496 \Device\Harddisk0\DR0\Partition0 - ok
18:45:41.0578 3496 ============================================================
18:45:41.0578 3496 Scan finished
18:45:41.0578 3496 ============================================================
18:45:41.0593 1288 Detected object count: 1
18:45:41.0593 1288 Actual detected object count: 1
18:46:00.0484 1288 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
18:46:00.0484 1288 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
Re: Please check my log
My name is Andrea
and I'm here; I haven't logged out since the last reply. Since I study in another city, I can only deal with this when I'm at home, because the PC I'm having the problem with is not a portable notebook but a big stationary box. I apologize. I'm already working on it; I have to download Nero first.


Re: Please check my log
No harm done
It turns out I have Nero here after all... Hiren's is still downloading..... It somehow wouldn't work from that link; it kept redirecting me to some forum, and I couldn't download it from there either. It told me they thanked me for downloading, but it didn't download any file. However, I found the same thing on another site. Once I manage to finish downloading it, burn it and do everything else, I'll get back to you.


- cernohous13
Re: Please check my log
Naughty will forgive me
addulka - it may be simpler to use http://www.stahuj.centrum.cz/multimedia ... iso-burner
Nero is a behemoth


Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described.
If anything is unclear, ask - I will explain.
-------------------------------------------------------------------------------------------------
> Forum support <
Re: Please check my log
20:46:24.0500 3872 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
20:46:24.0656 3872 ============================================================
20:46:24.0656 3872 Current date / time: 2012/05/17 20:46:24.0656
20:46:24.0656 3872 SystemInfo:
20:46:24.0656 3872
20:46:24.0656 3872 OS Version: 5.1.2600 ServicePack: 3.0
20:46:24.0656 3872 Product type: Workstation
20:46:24.0656 3872 ComputerName: ANDREJ-PC
20:46:24.0656 3872 UserName: Andrej
20:46:24.0656 3872 Windows directory: C:\WINDOWS
20:46:24.0656 3872 System windows directory: C:\WINDOWS
20:46:24.0656 3872 Processor architecture: Intel x86
20:46:24.0656 3872 Number of processors: 1
20:46:24.0656 3872 Page size: 0x1000
20:46:24.0656 3872 Boot type: Normal boot
20:46:24.0656 3872 ============================================================
20:46:32.0109 3872 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:46:32.0140 3872 ============================================================
20:46:32.0140 3872 \Device\Harddisk0\DR0:
20:46:32.0156 3872 MBR partitions:
20:46:32.0156 3872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
20:46:32.0156 3872 ============================================================
20:46:32.0203 3872 C: <-> \Device\Harddisk0\DR0\Partition0
20:46:32.0203 3872 ============================================================
20:46:32.0203 3872 Initialize success
20:46:32.0203 3872 ============================================================
20:46:33.0859 3940 ============================================================
20:46:33.0859 3940 Scan started
20:46:33.0859 3940 Mode: Manual;
20:46:33.0859 3940 ============================================================
20:46:51.0187 3940 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
20:46:51.0187 3940 RemoteAccess - ok
20:46:51.0234 3940 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
20:46:51.0312 3940 RemoteRegistry - ok
20:46:51.0328 3940 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
20:46:51.0390 3940 RpcLocator - ok
20:46:51.0437 3940 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
20:46:51.0453 3940 RpcSs - ok
20:46:51.0484 3940 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
20:46:51.0500 3940 RSVP - ok
20:46:51.0531 3940 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:46:51.0531 3940 SamSs - ok
20:46:51.0546 3940 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
20:46:51.0578 3940 SCardSvr - ok
20:46:51.0671 3940 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
20:46:51.0687 3940 Schedule - ok
20:46:51.0718 3940 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:46:51.0718 3940 Secdrv - ok
20:46:51.0750 3940 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
20:46:51.0765 3940 seclogon - ok
20:46:51.0796 3940 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
20:46:51.0812 3940 seehcri - ok
20:46:51.0828 3940 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
20:46:51.0843 3940 SENS - ok
20:46:51.0890 3940 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:46:51.0906 3940 serenum - ok
20:46:51.0921 3940 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
20:46:51.0921 3940 Serial - ok
20:46:51.0968 3940 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:46:51.0968 3940 Sfloppy - ok
20:46:52.0015 3940 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
20:46:52.0031 3940 SharedAccess - ok
20:46:52.0078 3940 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:46:52.0078 3940 ShellHWDetection - ok
20:46:52.0125 3940 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
20:46:52.0156 3940 smwdm - ok
20:46:52.0218 3940 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
20:46:52.0218 3940 SoundMAX Agent Service (default) - ok
20:46:52.0265 3940 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:46:52.0265 3940 splitter - ok
20:46:52.0359 3940 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:46:52.0375 3940 Spooler - ok
20:46:52.0453 3940 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
20:46:52.0453 3940 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
20:46:52.0453 3940 sptd ( LockedFile.Multi.Generic ) - warning
20:46:52.0453 3940 sptd - detected LockedFile.Multi.Generic (1)
20:46:52.0531 3940 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
20:46:52.0546 3940 sr - ok
20:46:52.0578 3940 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
20:46:52.0593 3940 srservice - ok
20:46:52.0625 3940 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:46:52.0656 3940 Srv - ok
20:46:52.0718 3940 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
20:46:52.0734 3940 SSDPSRV - ok
20:46:52.0765 3940 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
20:46:52.0781 3940 stisvc - ok
20:46:52.0828 3940 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:46:52.0828 3940 swenum - ok
20:46:52.0859 3940 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:46:52.0875 3940 swmidi - ok
20:46:52.0890 3940 SwPrv - ok
20:46:52.0906 3940 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:46:52.0921 3940 sysaudio - ok
20:46:52.0953 3940 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
20:46:52.0953 3940 SysmonLog - ok
20:46:52.0984 3940 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
20:46:53.0000 3940 TapiSrv - ok
20:46:53.0046 3940 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:46:53.0062 3940 Tcpip - ok
20:46:53.0125 3940 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:46:53.0140 3940 TDPIPE - ok
20:46:53.0156 3940 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:46:53.0171 3940 TDTCP - ok
20:46:53.0218 3940 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:46:53.0234 3940 TermDD - ok
20:46:53.0343 3940 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
20:46:53.0375 3940 TermService - ok
20:46:53.0421 3940 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:46:53.0421 3940 Themes - ok
20:46:53.0453 3940 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
20:46:53.0453 3940 TlntSvr - ok
20:46:53.0500 3940 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
20:46:53.0515 3940 TrkWks - ok
20:46:53.0546 3940 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:46:53.0546 3940 Udfs - ok
20:46:53.0609 3940 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
20:46:53.0625 3940 ULI5261 - ok
20:46:53.0640 3940 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
20:46:53.0656 3940 uliagpkx - ok
20:46:53.0687 3940 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:46:53.0703 3940 Update - ok
20:46:53.0734 3940 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
20:46:53.0750 3940 upnphost - ok
20:46:53.0765 3940 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
20:46:53.0781 3940 UPS - ok
20:46:53.0812 3940 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:46:53.0828 3940 usbccgp - ok
20:46:53.0843 3940 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:46:53.0859 3940 usbehci - ok
20:46:53.0875 3940 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:46:53.0906 3940 usbhub - ok
20:46:53.0921 3940 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:46:53.0937 3940 usbohci - ok
20:46:53.0968 3940 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:46:54.0000 3940 usbprint - ok
20:46:54.0031 3940 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:46:54.0031 3940 usbscan - ok
20:46:54.0031 3940 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
20:46:54.0062 3940 usbser - ok
20:46:54.0078 3940 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:46:54.0109 3940 USBSTOR - ok
20:46:54.0140 3940 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:46:54.0156 3940 VgaSave - ok
20:46:54.0171 3940 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
20:46:54.0187 3940 VolSnap - ok
20:46:54.0234 3940 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
20:46:54.0265 3940 VSS - ok
20:46:54.0343 3940 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
20:46:54.0359 3940 W32Time - ok
20:46:54.0390 3940 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:46:54.0390 3940 Wanarp - ok
20:46:54.0437 3940 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:46:54.0468 3940 wdmaud - ok
20:46:54.0593 3940 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
20:46:54.0625 3940 WebClient - ok
20:46:54.0703 3940 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:46:54.0718 3940 winmgmt - ok
20:46:54.0953 3940 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
20:46:55.0015 3940 WinRM - ok
20:46:55.0078 3940 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:46:55.0125 3940 WmdmPmSN - ok
20:46:55.0171 3940 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
20:46:55.0250 3940 Wmi - ok
20:46:55.0359 3940 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:46:55.0375 3940 WmiApSrv - ok
20:46:55.0484 3940 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:46:55.0546 3940 WMPNetworkSvc - ok
20:46:55.0593 3940 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:46:55.0609 3940 WpdUsb - ok
20:46:55.0734 3940 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:46:55.0796 3940 WPFFontCache_v0400 - ok
20:46:55.0828 3940 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:46:55.0843 3940 WS2IFSL - ok
20:46:55.0890 3940 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
20:46:55.0906 3940 wscsvc - ok
20:46:55.0921 3940 WSearch - ok
20:46:55.0984 3940 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
20:46:56.0000 3940 wuauserv - ok
20:46:56.0140 3940 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:46:56.0171 3940 WudfPf - ok
20:46:56.0296 3940 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:46:56.0343 3940 WudfRd - ok
20:46:56.0390 3940 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:46:56.0421 3940 WudfSvc - ok
20:46:56.0484 3940 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
20:46:56.0531 3940 WZCSVC - ok
20:46:56.0546 3940 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
20:46:56.0562 3940 xmlprov - ok
20:46:56.0593 3940 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:46:56.0968 3940 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
20:46:56.0968 3940 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
20:46:56.0984 3940 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
20:46:56.0984 3940 \Device\Harddisk0\DR0\Partition0 - ok
20:46:57.0000 3940 ============================================================
20:46:57.0000 3940 Scan finished
20:46:57.0000 3940 ============================================================
20:46:57.0015 3932 Detected object count: 2
20:46:57.0015 3932 Actual detected object count: 2
20:47:27.0484 3932 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:47:27.0484 3932 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:47:27.0484 3932 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
20:47:27.0484 3932 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
20:46:24.0656 3872 ============================================================
20:46:24.0656 3872 Current date / time: 2012/05/17 20:46:24.0656
20:46:24.0656 3872 SystemInfo:
20:46:24.0656 3872
20:46:24.0656 3872 OS Version: 5.1.2600 ServicePack: 3.0
20:46:24.0656 3872 Product type: Workstation
20:46:24.0656 3872 ComputerName: ANDREJ-PC
20:46:24.0656 3872 UserName: Andrej
20:46:24.0656 3872 Windows directory: C:\WINDOWS
20:46:24.0656 3872 System windows directory: C:\WINDOWS
20:46:24.0656 3872 Processor architecture: Intel x86
20:46:24.0656 3872 Number of processors: 1
20:46:24.0656 3872 Page size: 0x1000
20:46:24.0656 3872 Boot type: Normal boot
20:46:24.0656 3872 ============================================================
20:46:32.0109 3872 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:46:32.0140 3872 ============================================================
20:46:32.0140 3872 \Device\Harddisk0\DR0:
20:46:32.0156 3872 MBR partitions:
20:46:32.0156 3872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
20:46:32.0156 3872 ============================================================
20:46:32.0203 3872 C: <-> \Device\Harddisk0\DR0\Partition0
20:46:32.0203 3872 ============================================================
20:46:32.0203 3872 Initialize success
20:46:32.0203 3872 ============================================================
20:46:33.0859 3940 ============================================================
20:46:33.0859 3940 Scan started
20:46:33.0859 3940 Mode: Manual;
20:46:33.0859 3940 ============================================================
20:46:36.0046 3940 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
20:46:36.0062 3940 Aavmker4 - ok
20:46:36.0187 3940 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:46:36.0218 3940 ACPI - ok
20:46:36.0359 3940 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:46:36.0375 3940 ACPIEC - ok
20:46:36.0484 3940 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:46:36.0531 3940 AdobeFlashPlayerUpdateSvc - ok
20:46:36.0625 3940 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
20:46:36.0625 3940 aeaudio - ok
20:46:36.0734 3940 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:46:36.0750 3940 aec - ok
20:46:38.0375 3940 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:46:38.0406 3940 AFD - ok
20:46:38.0593 3940 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
20:46:38.0625 3940 Alerter - ok
20:46:38.0687 3940 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
20:46:38.0703 3940 ALG - ok
20:46:38.0750 3940 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
20:46:38.0750 3940 AliIde - ok
20:46:38.0812 3940 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
20:46:38.0828 3940 AmdPPM - ok
20:46:39.0000 3940 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:46:39.0015 3940 Apple Mobile Device - ok
20:46:39.0203 3940 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
20:46:39.0328 3940 AppMgmt - ok
20:46:39.0796 3940 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:46:39.0843 3940 aspnet_state - ok
20:46:39.0953 3940 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
20:46:39.0984 3940 aswFsBlk - ok
20:46:40.0093 3940 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
20:46:40.0109 3940 aswMon2 - ok
20:46:40.0140 3940 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
20:46:40.0156 3940 aswRdr - ok
20:46:40.0437 3940 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
20:46:40.0671 3940 aswSnx - ok
20:46:41.0093 3940 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
20:46:41.0171 3940 aswSP - ok
20:46:41.0421 3940 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
20:46:41.0453 3940 aswTdi - ok
20:46:41.0578 3940 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:46:41.0625 3940 AsyncMac - ok
20:46:41.0718 3940 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:46:41.0734 3940 atapi - ok
20:46:41.0890 3940 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
20:46:41.0968 3940 Ati HotKey Poller - ok
20:46:42.0156 3940 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
20:46:42.0328 3940 ATI Smart - ok
20:46:42.0703 3940 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:46:42.0781 3940 ati2mtag - ok
20:46:42.0828 3940 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:46:42.0843 3940 Atmarpc - ok
20:46:42.0890 3940 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
20:46:42.0906 3940 AudioSrv - ok
20:46:42.0953 3940 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:46:42.0953 3940 audstub - ok
20:46:43.0046 3940 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:46:43.0062 3940 avast! Antivirus - ok
20:46:43.0109 3940 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:46:43.0109 3940 Beep - ok
20:46:43.0156 3940 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
20:46:43.0203 3940 BITS - ok
20:46:43.0343 3940 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:46:43.0390 3940 Bonjour Service - ok
20:46:43.0437 3940 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
20:46:43.0453 3940 Browser - ok
20:46:43.0515 3940 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:46:43.0531 3940 cbidf2k - ok
20:46:43.0546 3940 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:46:43.0562 3940 Cdaudio - ok
20:46:43.0578 3940 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:46:43.0578 3940 Cdfs - ok
20:46:43.0625 3940 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:46:43.0640 3940 Cdrom - ok
20:46:43.0656 3940 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
20:46:43.0671 3940 CiSvc - ok
20:46:43.0687 3940 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
20:46:43.0703 3940 ClipSrv - ok
20:46:43.0765 3940 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:43.0812 3940 clr_optimization_v2.0.50727_32 - ok
20:46:43.0859 3940 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:46:43.0890 3940 clr_optimization_v4.0.30319_32 - ok
20:46:43.0906 3940 COMSysApp - ok
20:46:43.0968 3940 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
20:46:43.0984 3940 CryptSvc - ok
20:46:43.0984 3940 dac2w2k - ok
20:46:44.0046 3940 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
20:46:44.0078 3940 DcomLaunch - ok
20:46:44.0109 3940 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
20:46:44.0125 3940 Dhcp - ok
20:46:44.0171 3940 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:46:44.0171 3940 Disk - ok
20:46:44.0187 3940 dmadmin - ok
20:46:44.0234 3940 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
20:46:44.0312 3940 dmboot - ok
20:46:44.0328 3940 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
20:46:44.0343 3940 dmio - ok
20:46:44.0375 3940 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:46:44.0375 3940 dmload - ok
20:46:44.0390 3940 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
20:46:44.0406 3940 dmserver - ok
20:46:44.0453 3940 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:46:44.0468 3940 DMusic - ok
20:46:44.0531 3940 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
20:46:44.0562 3940 Dnscache - ok
20:46:44.0593 3940 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
20:46:44.0625 3940 Dot3svc - ok
20:46:44.0625 3940 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:46:44.0640 3940 drmkaud - ok
20:46:44.0656 3940 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
20:46:44.0671 3940 EapHost - ok
20:46:44.0703 3940 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
20:46:44.0703 3940 ERSvc - ok
20:46:44.0750 3940 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
20:46:44.0765 3940 Eventlog - ok
20:46:44.0828 3940 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
20:46:44.0843 3940 EventSystem - ok
20:46:44.0890 3940 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:46:44.0906 3940 Fastfat - ok
20:46:44.0937 3940 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:46:44.0953 3940 FastUserSwitchingCompatibility - ok
20:46:44.0984 3940 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:46:45.0000 3940 Fdc - ok
20:46:45.0015 3940 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
20:46:45.0031 3940 Fips - ok
20:46:45.0046 3940 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:46:45.0062 3940 Flpydisk - ok
20:46:45.0093 3940 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:46:45.0109 3940 FltMgr - ok
20:46:45.0187 3940 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:46:45.0203 3940 FontCache3.0.0.0 - ok
20:46:45.0218 3940 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:46:45.0218 3940 Fs_Rec - ok
20:46:45.0250 3940 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:46:45.0296 3940 Ftdisk - ok
20:46:45.0343 3940 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:46:45.0343 3940 GEARAspiWDM - ok
20:46:45.0390 3940 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:46:45.0390 3940 Gpc - ok
20:46:45.0406 3940 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:46:45.0421 3940 helpsvc - ok
20:46:45.0453 3940 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
20:46:45.0531 3940 HidServ - ok
20:46:45.0578 3940 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:46:45.0593 3940 hidusb - ok
20:46:45.0625 3940 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
20:46:45.0640 3940 hkmsvc - ok
20:46:45.0671 3940 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:46:45.0687 3940 HTTP - ok
20:46:45.0734 3940 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
20:46:45.0750 3940 HTTPFilter - ok
20:46:45.0796 3940 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
20:46:45.0796 3940 i8042prt - ok
20:46:45.0906 3940 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
20:46:45.0906 3940 IDriverT - ok
20:46:46.0015 3940 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:46:46.0062 3940 idsvc - ok
20:46:46.0109 3940 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:46:46.0125 3940 Imapi - ok
20:46:46.0156 3940 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
20:46:46.0171 3940 ImapiService - ok
20:46:46.0218 3940 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:46:46.0234 3940 Ip6Fw - ok
20:46:46.0265 3940 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:46:46.0281 3940 IpFilterDriver - ok
20:46:46.0296 3940 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:46:46.0296 3940 IpInIp - ok
20:46:46.0328 3940 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:46:46.0328 3940 IpNat - ok
20:46:46.0421 3940 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
20:46:46.0453 3940 iPod Service - ok
20:46:46.0515 3940 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:46:46.0515 3940 IPSec - ok
20:46:46.0562 3940 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:46:46.0578 3940 IRENUM - ok
20:46:46.0640 3940 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:46:46.0640 3940 isapnp - ok
20:46:46.0718 3940 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
20:46:46.0734 3940 JavaQuickStarterService - ok
20:46:46.0750 3940 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:46:46.0765 3940 Kbdclass - ok
20:46:46.0781 3940 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:46:46.0781 3940 kbdhid - ok
20:46:46.0828 3940 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:46:46.0843 3940 kmixer - ok
20:46:46.0875 3940 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:46:46.0890 3940 KSecDD - ok
20:46:46.0937 3940 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
20:46:46.0953 3940 LanmanServer - ok
20:46:47.0000 3940 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
20:46:47.0015 3940 lanmanworkstation - ok
20:46:47.0062 3940 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
20:46:47.0078 3940 LmHosts - ok
20:46:47.0109 3940 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
20:46:47.0125 3940 m5289 - ok
20:46:47.0281 3940 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
20:46:47.0312 3940 McAfee SiteAdvisor Service - ok
20:46:47.0421 3940 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
20:46:47.0437 3940 McComponentHostService - ok
20:46:47.0468 3940 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
20:46:47.0500 3940 Messenger - ok
20:46:47.0546 3940 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:46:47.0546 3940 mnmdd - ok
20:46:47.0578 3940 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
20:46:47.0593 3940 mnmsrvc - ok
20:46:47.0625 3940 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
20:46:47.0640 3940 Modem - ok
20:46:47.0656 3940 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:46:47.0671 3940 Mouclass - ok
20:46:47.0750 3940 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:46:47.0765 3940 mouhid - ok
20:46:47.0781 3940 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:46:47.0796 3940 MountMgr - ok
20:46:47.0812 3940 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:46:47.0828 3940 MRxDAV - ok
20:46:47.0875 3940 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:46:47.0906 3940 MRxSmb - ok
20:46:47.0921 3940 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
20:46:47.0921 3940 MSDTC - ok
20:46:52.0453 3940 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
20:46:52.0453 3940 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
20:46:52.0453 3940 sptd ( LockedFile.Multi.Generic ) - warning
20:46:52.0453 3940 sptd - detected LockedFile.Multi.Generic (1)
20:46:56.0593 3940 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:46:56.0968 3940 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
20:46:56.0968 3940 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
20:46:56.0984 3940 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
20:46:56.0984 3940 \Device\Harddisk0\DR0\Partition0 - ok
20:46:57.0000 3940 ============================================================
20:46:57.0000 3940 Scan finished
20:46:57.0000 3940 ============================================================
20:46:57.0015 3932 Detected object count: 2
20:46:57.0015 3932 Actual detected object count: 2
20:47:27.0484 3932 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:47:27.0484 3932 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:47:27.0484 3932 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
20:47:27.0484 3932 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
Re: Please check the log
I got to the part where I selected, in the menu, partition/boot/mbr - submenu commandline - mbrfix.. It opened Notepad and a black DOS window. In that DOS window there was a lot of data that meant nothing to me, some abbreviations and so on... so I didn't know whether I should type the mbrfix/drive O fixmr into it, or open a new DOS window and type it there. When I put it into the already open one and pressed Enter, I had to choose either yes or no for I have no idea what... I tried opening it in a new DOS window and just typed it there, and nothing popped up there, so I hoped it would be fine now... but apparently it isn't... I can try it again. But where should I type the command? And what if it gives me the y/n option?
Re: Please check the log
Okay, all right.

Re: Please check the log
I tried it again. The message was You are about to Fix MBR are you sure(Y/N)? So I entered Y and it returned B:\Temp\HBCD> Then I chose Start, restarted, and ran TDSSKiller, but it again found the same thing as before.
15:05:41.0921 3192 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
15:05:42.0109 3192 ============================================================
15:05:42.0109 3192 Current date / time: 2012/05/18 15:05:42.0109
15:05:42.0109 3192 SystemInfo:
15:05:42.0109 3192
15:05:42.0109 3192 OS Version: 5.1.2600 ServicePack: 3.0
15:05:42.0109 3192 Product type: Workstation
15:05:42.0109 3192 ComputerName: ANDREJ-PC
15:05:42.0109 3192 UserName: Andrej
15:05:42.0109 3192 Windows directory: C:\WINDOWS
15:05:42.0109 3192 System windows directory: C:\WINDOWS
15:05:42.0109 3192 Processor architecture: Intel x86
15:05:42.0109 3192 Number of processors: 1
15:05:42.0109 3192 Page size: 0x1000
15:05:42.0109 3192 Boot type: Normal boot
15:05:42.0109 3192 ============================================================
15:05:44.0750 3192 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:05:44.0750 3192 ============================================================
15:05:44.0750 3192 \Device\Harddisk0\DR0:
15:05:44.0750 3192 MBR partitions:
15:05:44.0750 3192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
15:05:44.0750 3192 ============================================================
15:05:44.0781 3192 C: <-> \Device\Harddisk0\DR0\Partition0
15:05:44.0781 3192 ============================================================
15:05:44.0781 3192 Initialize success
15:05:44.0781 3192 ============================================================
15:05:46.0218 3356 ============================================================
15:05:46.0218 3356 Scan started
15:05:46.0218 3356 Mode: Manual;
15:05:46.0218 3356 ============================================================
15:05:53.0921 3356 Modem - ok
15:05:53.0984 3356 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:05:54.0000 3356 Mouclass - ok
15:05:54.0015 3356 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:05:54.0046 3356 mouhid - ok
15:05:54.0062 3356 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:05:54.0078 3356 MountMgr - ok
15:05:54.0093 3356 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:05:54.0109 3356 MRxDAV - ok
15:05:54.0140 3356 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:05:54.0187 3356 MRxSmb - ok
15:05:54.0218 3356 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
15:05:54.0234 3356 MSDTC - ok
15:05:54.0265 3356 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:05:54.0281 3356 Msfs - ok
15:05:54.0281 3356 MSIServer - ok
15:05:54.0375 3356 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:05:54.0375 3356 MSKSSRV - ok
15:05:54.0375 3356 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:05:54.0375 3356 MSPCLOCK - ok
15:05:54.0390 3356 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:05:54.0390 3356 MSPQM - ok
15:05:54.0421 3356 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:05:54.0453 3356 mssmbios - ok
15:05:54.0468 3356 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:05:54.0500 3356 Mup - ok
15:05:54.0531 3356 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
15:05:54.0546 3356 napagent - ok
15:05:54.0656 3356 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
15:05:54.0687 3356 NAUpdate - ok
15:05:54.0765 3356 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:05:54.0781 3356 NBService - ok
15:05:54.0890 3356 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:05:54.0906 3356 NDIS - ok
15:05:54.0953 3356 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:05:54.0968 3356 NdisTapi - ok
15:05:55.0015 3356 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:05:55.0015 3356 Ndisuio - ok
15:05:55.0031 3356 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:05:55.0046 3356 NdisWan - ok
15:05:55.0093 3356 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:05:55.0109 3356 NDProxy - ok
15:05:55.0125 3356 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:05:55.0125 3356 NetBIOS - ok
15:05:55.0156 3356 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:05:55.0156 3356 NetBT - ok
15:05:55.0203 3356 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:05:55.0218 3356 NetDDE - ok
15:05:55.0218 3356 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:05:55.0218 3356 NetDDEdsdm - ok
15:05:55.0250 3356 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:55.0265 3356 Netlogon - ok
15:05:55.0375 3356 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
15:05:55.0406 3356 Netman - ok
15:05:55.0500 3356 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:05:55.0500 3356 NetTcpPortSharing - ok
15:05:55.0546 3356 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
15:05:55.0562 3356 Nla - ok
15:05:55.0671 3356 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:05:55.0703 3356 NMIndexingService - ok
15:05:55.0718 3356 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:05:55.0734 3356 Npfs - ok
15:05:55.0796 3356 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:05:55.0828 3356 Ntfs - ok
15:05:55.0859 3356 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:55.0859 3356 NtLmSsp - ok
15:05:55.0906 3356 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
15:05:55.0921 3356 NtmsSvc - ok
15:05:55.0968 3356 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:05:55.0968 3356 Null - ok
15:05:56.0000 3356 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:05:56.0015 3356 NwlnkFlt - ok
15:05:56.0046 3356 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:05:56.0046 3356 NwlnkFwd - ok
15:05:56.0140 3356 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:05:56.0156 3356 odserv - ok
15:05:56.0218 3356 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
15:05:56.0234 3356 OMSI download service - ok
15:05:56.0265 3356 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:05:56.0265 3356 ose - ok
15:05:56.0343 3356 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
15:05:56.0359 3356 Parport - ok
15:05:56.0375 3356 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:05:56.0390 3356 PartMgr - ok
15:05:56.0421 3356 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
15:05:56.0421 3356 ParVdm - ok
15:05:56.0453 3356 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
15:05:56.0468 3356 PCI - ok
15:05:56.0484 3356 PCIDump - ok
15:05:56.0515 3356 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:05:56.0531 3356 Pcmcia - ok
15:05:56.0593 3356 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
15:05:56.0593 3356 PlugPlay - ok
15:05:56.0640 3356 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:56.0640 3356 PolicyAgent - ok
15:05:56.0656 3356 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:05:56.0671 3356 PptpMiniport - ok
15:05:56.0687 3356 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
15:05:56.0703 3356 Processor - ok
15:05:56.0718 3356 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:56.0718 3356 ProtectedStorage - ok
15:05:56.0734 3356 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:05:56.0734 3356 PSched - ok
15:05:56.0781 3356 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:05:56.0796 3356 Ptilink - ok
15:05:56.0843 3356 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:05:56.0859 3356 PxHelp20 - ok
15:05:56.0859 3356 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:05:56.0875 3356 RasAcd - ok
15:05:56.0921 3356 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
15:05:56.0937 3356 RasAuto - ok
15:05:56.0968 3356 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:05:56.0984 3356 Rasl2tp - ok
15:05:57.0015 3356 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
15:05:57.0031 3356 RasMan - ok
15:05:57.0046 3356 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:05:57.0062 3356 RasPppoe - ok
15:05:57.0062 3356 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:05:57.0078 3356 Raspti - ok
15:05:57.0109 3356 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:05:57.0109 3356 Rdbss - ok
15:05:57.0109 3356 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:05:57.0125 3356 RDPCDD - ok
15:05:57.0156 3356 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:05:57.0171 3356 rdpdr - ok
15:05:57.0218 3356 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:05:57.0234 3356 RDPWD - ok
15:05:57.0250 3356 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
15:05:57.0265 3356 RDSessMgr - ok
15:05:57.0328 3356 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:05:57.0343 3356 redbook - ok
15:05:57.0390 3356 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
15:05:57.0390 3356 RemoteAccess - ok
15:05:57.0437 3356 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
15:05:57.0453 3356 RemoteRegistry - ok
15:05:57.0468 3356 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
15:05:57.0484 3356 RpcLocator - ok
15:05:57.0531 3356 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
15:05:57.0546 3356 RpcSs - ok
15:05:57.0578 3356 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
15:05:57.0593 3356 RSVP - ok
15:05:57.0625 3356 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:57.0625 3356 SamSs - ok
15:05:57.0656 3356 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
15:05:57.0671 3356 SCardSvr - ok
15:05:57.0703 3356 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
15:05:57.0718 3356 Schedule - ok
15:05:57.0734 3356 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:05:57.0750 3356 Secdrv - ok
15:05:57.0765 3356 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
15:05:57.0781 3356 seclogon - ok
15:05:57.0828 3356 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
15:05:57.0843 3356 seehcri - ok
15:05:57.0859 3356 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
15:05:57.0859 3356 SENS - ok
15:05:57.0906 3356 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:05:57.0921 3356 serenum - ok
15:05:57.0937 3356 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
15:05:57.0937 3356 Serial - ok
15:05:57.0984 3356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:05:58.0000 3356 Sfloppy - ok
15:05:58.0046 3356 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
15:05:58.0062 3356 SharedAccess - ok
15:05:58.0093 3356 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
15:05:58.0109 3356 ShellHWDetection - ok
15:05:58.0156 3356 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
15:05:58.0187 3356 smwdm - ok
15:05:58.0234 3356 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
15:05:58.0250 3356 SoundMAX Agent Service (default) - ok
15:05:58.0265 3356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:05:58.0265 3356 splitter - ok
15:05:58.0359 3356 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:05:58.0375 3356 Spooler - ok
15:05:58.0437 3356 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
15:05:58.0437 3356 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:05:58.0453 3356 sptd ( LockedFile.Multi.Generic ) - warning
15:05:58.0453 3356 sptd - detected LockedFile.Multi.Generic (1)
15:06:01.0796 3356 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:06:02.0156 3356 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
15:06:02.0156 3356 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
15:06:02.0171 3356 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
15:06:02.0171 3356 \Device\Harddisk0\DR0\Partition0 - ok
15:06:02.0171 3356 ============================================================
15:06:02.0171 3356 Scan finished
15:06:02.0171 3356 ============================================================
15:06:02.0187 3348 Detected object count: 2
15:06:02.0187 3348 Actual detected object count: 2
15:06:24.0562 3348 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:06:24.0562 3348 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:06:24.0562 3348 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
15:06:24.0562 3348 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
15:05:41.0921 3192 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
15:05:42.0109 3192 ============================================================
15:05:42.0109 3192 Current date / time: 2012/05/18 15:05:42.0109
15:05:42.0109 3192 SystemInfo:
15:05:42.0109 3192
15:05:42.0109 3192 OS Version: 5.1.2600 ServicePack: 3.0
15:05:42.0109 3192 Product type: Workstation
15:05:42.0109 3192 ComputerName: ANDREJ-PC
15:05:42.0109 3192 UserName: Andrej
15:05:42.0109 3192 Windows directory: C:\WINDOWS
15:05:42.0109 3192 System windows directory: C:\WINDOWS
15:05:42.0109 3192 Processor architecture: Intel x86
15:05:42.0109 3192 Number of processors: 1
15:05:42.0109 3192 Page size: 0x1000
15:05:42.0109 3192 Boot type: Normal boot
15:05:42.0109 3192 ============================================================
15:05:44.0750 3192 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:05:44.0750 3192 ============================================================
15:05:44.0750 3192 \Device\Harddisk0\DR0:
15:05:44.0750 3192 MBR partitions:
15:05:44.0750 3192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
15:05:44.0750 3192 ============================================================
15:05:44.0781 3192 C: <-> \Device\Harddisk0\DR0\Partition0
15:05:44.0781 3192 ============================================================
15:05:44.0781 3192 Initialize success
15:05:44.0781 3192 ============================================================
15:05:46.0218 3356 ============================================================
15:05:46.0218 3356 Scan started
15:05:46.0218 3356 Mode: Manual;
15:05:46.0218 3356 ============================================================
15:05:52.0062 3356 HTTP - ok
15:05:52.0093 3356 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
15:05:52.0093 3356 HTTPFilter - ok
15:05:52.0125 3356 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
15:05:52.0140 3356 i8042prt - ok
15:05:52.0218 3356 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:05:52.0234 3356 IDriverT - ok
15:05:52.0359 3356 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:05:52.0375 3356 idsvc - ok
15:05:52.0421 3356 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:05:52.0437 3356 Imapi - ok
15:05:52.0468 3356 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
15:05:52.0468 3356 ImapiService - ok
15:05:52.0515 3356 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:05:52.0531 3356 Ip6Fw - ok
15:05:52.0562 3356 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:05:52.0578 3356 IpFilterDriver - ok
15:05:52.0593 3356 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:05:52.0593 3356 IpInIp - ok
15:05:52.0625 3356 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:05:52.0640 3356 IpNat - ok
15:05:52.0734 3356 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
15:05:52.0750 3356 iPod Service - ok
15:05:52.0796 3356 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:05:52.0812 3356 IPSec - ok
15:05:52.0843 3356 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:05:52.0859 3356 IRENUM - ok
15:05:52.0906 3356 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:05:52.0906 3356 isapnp - ok
15:05:52.0984 3356 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
15:05:53.0031 3356 JavaQuickStarterService - ok
15:05:53.0062 3356 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:05:53.0078 3356 Kbdclass - ok
15:05:53.0109 3356 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:05:53.0125 3356 kbdhid - ok
15:05:53.0203 3356 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:05:53.0281 3356 kmixer - ok
15:05:53.0312 3356 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:05:53.0328 3356 KSecDD - ok
15:05:53.0375 3356 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
15:05:53.0390 3356 LanmanServer - ok
15:05:53.0437 3356 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
15:05:53.0468 3356 lanmanworkstation - ok
15:05:53.0515 3356 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
15:05:53.0531 3356 LmHosts - ok
15:05:53.0562 3356 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
15:05:53.0578 3356 m5289 - ok
15:05:53.0656 3356 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
15:05:53.0656 3356 McAfee SiteAdvisor Service - ok
15:05:53.0734 3356 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
15:05:53.0750 3356 McComponentHostService - ok
15:05:53.0765 3356 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
15:05:53.0796 3356 Messenger - ok
15:05:53.0828 3356 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:05:53.0843 3356 mnmdd - ok
15:05:53.0875 3356 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
15:05:53.0890 3356 mnmsrvc - ok
15:05:53.0906 3356 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
15:05:53.0921 3356 Modem - ok
15:05:53.0984 3356 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:05:54.0000 3356 Mouclass - ok
15:05:54.0015 3356 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:05:54.0046 3356 mouhid - ok
15:05:54.0062 3356 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:05:54.0078 3356 MountMgr - ok
15:05:54.0093 3356 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:05:54.0109 3356 MRxDAV - ok
15:05:54.0140 3356 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:05:54.0187 3356 MRxSmb - ok
15:05:54.0218 3356 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
15:05:54.0234 3356 MSDTC - ok
15:05:54.0265 3356 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:05:54.0281 3356 Msfs - ok
15:05:54.0281 3356 MSIServer - ok
15:05:54.0375 3356 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:05:54.0375 3356 MSKSSRV - ok
15:05:54.0375 3356 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:05:54.0375 3356 MSPCLOCK - ok
15:05:54.0390 3356 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:05:54.0390 3356 MSPQM - ok
15:05:54.0421 3356 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:05:54.0453 3356 mssmbios - ok
15:05:54.0468 3356 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:05:54.0500 3356 Mup - ok
15:05:54.0531 3356 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
15:05:54.0546 3356 napagent - ok
15:05:54.0656 3356 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
15:05:54.0687 3356 NAUpdate - ok
15:05:54.0765 3356 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:05:54.0781 3356 NBService - ok
15:05:54.0890 3356 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:05:54.0906 3356 NDIS - ok
15:05:54.0953 3356 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:05:54.0968 3356 NdisTapi - ok
15:05:55.0015 3356 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:05:55.0015 3356 Ndisuio - ok
15:05:55.0031 3356 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:05:55.0046 3356 NdisWan - ok
15:05:55.0093 3356 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:05:55.0109 3356 NDProxy - ok
15:05:55.0125 3356 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:05:55.0125 3356 NetBIOS - ok
15:05:55.0156 3356 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:05:55.0156 3356 NetBT - ok
15:05:55.0203 3356 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:05:55.0218 3356 NetDDE - ok
15:05:55.0218 3356 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:05:55.0218 3356 NetDDEdsdm - ok
15:05:55.0250 3356 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:55.0265 3356 Netlogon - ok
15:05:55.0375 3356 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
15:05:55.0406 3356 Netman - ok
15:05:55.0500 3356 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:05:55.0500 3356 NetTcpPortSharing - ok
15:05:55.0546 3356 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
15:05:55.0562 3356 Nla - ok
15:05:55.0671 3356 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:05:55.0703 3356 NMIndexingService - ok
15:05:55.0718 3356 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:05:55.0734 3356 Npfs - ok
15:05:55.0796 3356 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:05:55.0828 3356 Ntfs - ok
15:05:55.0859 3356 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:55.0859 3356 NtLmSsp - ok
15:05:55.0906 3356 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
15:05:55.0921 3356 NtmsSvc - ok
15:05:55.0968 3356 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:05:55.0968 3356 Null - ok
15:05:56.0000 3356 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:05:56.0015 3356 NwlnkFlt - ok
15:05:56.0046 3356 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:05:56.0046 3356 NwlnkFwd - ok
15:05:56.0140 3356 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:05:56.0156 3356 odserv - ok
15:05:56.0218 3356 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
15:05:56.0234 3356 OMSI download service - ok
15:05:56.0265 3356 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:05:56.0265 3356 ose - ok
15:05:56.0343 3356 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
15:05:56.0359 3356 Parport - ok
15:05:56.0375 3356 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:05:56.0390 3356 PartMgr - ok
15:05:56.0421 3356 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
15:05:56.0421 3356 ParVdm - ok
15:05:56.0453 3356 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
15:05:56.0468 3356 PCI - ok
15:05:56.0484 3356 PCIDump - ok
15:05:56.0515 3356 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:05:56.0531 3356 Pcmcia - ok
15:05:56.0593 3356 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
15:05:56.0593 3356 PlugPlay - ok
15:05:56.0640 3356 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:56.0640 3356 PolicyAgent - ok
15:05:56.0656 3356 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:05:56.0671 3356 PptpMiniport - ok
15:05:56.0687 3356 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
15:05:56.0703 3356 Processor - ok
15:05:56.0718 3356 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:56.0718 3356 ProtectedStorage - ok
15:05:56.0734 3356 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:05:56.0734 3356 PSched - ok
15:05:56.0781 3356 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:05:56.0796 3356 Ptilink - ok
15:05:56.0843 3356 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:05:56.0859 3356 PxHelp20 - ok
15:05:56.0859 3356 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:05:56.0875 3356 RasAcd - ok
15:05:56.0921 3356 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
15:05:56.0937 3356 RasAuto - ok
15:05:56.0968 3356 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:05:56.0984 3356 Rasl2tp - ok
15:05:57.0015 3356 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
15:05:57.0031 3356 RasMan - ok
15:05:57.0046 3356 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:05:57.0062 3356 RasPppoe - ok
15:05:57.0062 3356 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:05:57.0078 3356 Raspti - ok
15:05:57.0109 3356 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:05:57.0109 3356 Rdbss - ok
15:05:57.0109 3356 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:05:57.0125 3356 RDPCDD - ok
15:05:57.0156 3356 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:05:57.0171 3356 rdpdr - ok
15:05:57.0218 3356 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:05:57.0234 3356 RDPWD - ok
15:05:57.0250 3356 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
15:05:57.0265 3356 RDSessMgr - ok
15:05:57.0328 3356 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:05:57.0343 3356 redbook - ok
15:05:57.0390 3356 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
15:05:57.0390 3356 RemoteAccess - ok
15:05:57.0437 3356 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
15:05:57.0453 3356 RemoteRegistry - ok
15:05:57.0468 3356 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
15:05:57.0484 3356 RpcLocator - ok
15:05:57.0531 3356 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
15:05:57.0546 3356 RpcSs - ok
15:05:57.0578 3356 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
15:05:57.0593 3356 RSVP - ok
15:05:57.0625 3356 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:05:57.0625 3356 SamSs - ok
15:05:57.0656 3356 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
15:05:57.0671 3356 SCardSvr - ok
15:05:57.0703 3356 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
15:05:57.0718 3356 Schedule - ok
15:05:57.0734 3356 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:05:57.0750 3356 Secdrv - ok
15:05:57.0765 3356 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
15:05:57.0781 3356 seclogon - ok
15:05:57.0828 3356 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
15:05:57.0843 3356 seehcri - ok
15:05:57.0859 3356 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
15:05:57.0859 3356 SENS - ok
15:05:57.0906 3356 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:05:57.0921 3356 serenum - ok
15:05:57.0937 3356 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
15:05:57.0937 3356 Serial - ok
15:05:57.0984 3356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:05:58.0000 3356 Sfloppy - ok
15:05:58.0046 3356 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
15:05:58.0062 3356 SharedAccess - ok
15:05:58.0093 3356 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
15:05:58.0109 3356 ShellHWDetection - ok
15:05:58.0156 3356 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
15:05:58.0187 3356 smwdm - ok
15:05:58.0234 3356 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
15:05:58.0250 3356 SoundMAX Agent Service (default) - ok
15:05:58.0265 3356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:05:58.0265 3356 splitter - ok
15:05:58.0359 3356 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:05:58.0375 3356 Spooler - ok
15:05:58.0437 3356 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
15:05:58.0437 3356 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:05:58.0453 3356 sptd ( LockedFile.Multi.Generic ) - warning
15:05:58.0453 3356 sptd - detected LockedFile.Multi.Generic (1)
15:05:58.0500 3356 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
15:05:58.0515 3356 sr - ok
15:05:58.0531 3356 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
15:05:58.0546 3356 srservice - ok
15:05:58.0593 3356 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:05:58.0625 3356 Srv - ok
15:05:58.0671 3356 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
15:05:58.0687 3356 SSDPSRV - ok
15:05:58.0718 3356 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
15:05:58.0734 3356 stisvc - ok
15:05:58.0781 3356 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:05:58.0781 3356 swenum - ok
15:05:58.0828 3356 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:05:58.0843 3356 swmidi - ok
15:05:58.0859 3356 SwPrv - ok
15:05:58.0890 3356 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:05:58.0906 3356 sysaudio - ok
15:05:58.0937 3356 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
15:05:58.0968 3356 SysmonLog - ok
15:05:59.0000 3356 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
15:05:59.0015 3356 TapiSrv - ok
15:05:59.0062 3356 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:05:59.0078 3356 Tcpip - ok
15:05:59.0125 3356 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:05:59.0140 3356 TDPIPE - ok
15:05:59.0171 3356 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:05:59.0171 3356 TDTCP - ok
15:05:59.0218 3356 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:05:59.0234 3356 TermDD - ok
15:05:59.0265 3356 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
15:05:59.0359 3356 TermService - ok
15:05:59.0406 3356 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
15:05:59.0406 3356 Themes - ok
15:05:59.0437 3356 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
15:05:59.0453 3356 TlntSvr - ok
15:05:59.0484 3356 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
15:05:59.0500 3356 TrkWks - ok
15:05:59.0531 3356 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:05:59.0531 3356 Udfs - ok
15:05:59.0593 3356 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
15:05:59.0609 3356 ULI5261 - ok
15:05:59.0640 3356 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
15:05:59.0640 3356 uliagpkx - ok
15:05:59.0671 3356 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:05:59.0687 3356 Update - ok
15:05:59.0718 3356 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
15:05:59.0734 3356 upnphost - ok
15:05:59.0750 3356 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
15:05:59.0750 3356 UPS - ok
15:05:59.0796 3356 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:05:59.0812 3356 usbccgp - ok
15:05:59.0828 3356 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:05:59.0828 3356 usbehci - ok
15:05:59.0859 3356 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:05:59.0890 3356 usbhub - ok
15:05:59.0890 3356 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:05:59.0906 3356 usbohci - ok
15:05:59.0937 3356 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:05:59.0953 3356 usbprint - ok
15:05:59.0984 3356 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:05:59.0984 3356 usbscan - ok
15:06:00.0000 3356 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
15:06:00.0015 3356 usbser - ok
15:06:00.0046 3356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:06:00.0062 3356 USBSTOR - ok
15:06:00.0093 3356 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:06:00.0109 3356 VgaSave - ok
15:06:00.0140 3356 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
15:06:00.0140 3356 VolSnap - ok
15:06:00.0187 3356 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
15:06:00.0203 3356 VSS - ok
15:06:00.0234 3356 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
15:06:00.0250 3356 W32Time - ok
15:06:00.0328 3356 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:06:00.0359 3356 Wanarp - ok
15:06:00.0406 3356 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:06:00.0421 3356 wdmaud - ok
15:06:00.0437 3356 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
15:06:00.0453 3356 WebClient - ok
15:06:00.0546 3356 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:06:00.0562 3356 winmgmt - ok
15:06:00.0640 3356 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
15:06:00.0687 3356 WinRM - ok
15:06:00.0734 3356 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:06:00.0750 3356 WmdmPmSN - ok
15:06:00.0796 3356 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
15:06:00.0828 3356 Wmi - ok
15:06:00.0890 3356 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:06:00.0921 3356 WmiApSrv - ok
15:06:01.0015 3356 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
15:06:01.0046 3356 WMPNetworkSvc - ok
15:06:01.0078 3356 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:06:01.0078 3356 WpdUsb - ok
15:06:01.0203 3356 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:06:01.0250 3356 WPFFontCache_v0400 - ok
15:06:01.0328 3356 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:06:01.0343 3356 WS2IFSL - ok
15:06:01.0406 3356 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
15:06:01.0421 3356 wscsvc - ok
15:06:01.0437 3356 WSearch - ok
15:06:01.0484 3356 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
15:06:01.0484 3356 wuauserv - ok
15:06:01.0546 3356 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:06:01.0562 3356 WudfPf - ok
15:06:01.0578 3356 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:06:01.0593 3356 WudfRd - ok
15:06:01.0625 3356 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:06:01.0656 3356 WudfSvc - ok
15:06:01.0687 3356 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
15:06:01.0703 3356 WZCSVC - ok
15:06:01.0750 3356 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
15:06:01.0765 3356 xmlprov - ok
15:06:01.0796 3356 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:06:02.0156 3356 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
15:06:02.0156 3356 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
15:06:02.0171 3356 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
15:06:02.0171 3356 \Device\Harddisk0\DR0\Partition0 - ok
15:06:02.0171 3356 ============================================================
15:06:02.0171 3356 Scan finished
15:06:02.0171 3356 ============================================================
15:06:02.0187 3348 Detected object count: 2
15:06:02.0187 3348 Actual detected object count: 2
15:06:24.0562 3348 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:06:24.0562 3348 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:06:24.0562 3348 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
15:06:24.0562 3348 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
Re: Please check the log
MBRScan v1.1.1
OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 44 Stepping 2, AuthenticAMD
BOOT : Normal Boot
DATE : 2012/05/18 (ISO 8601) at 17:29:04
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __Maxtor 6L120P0 (BAJ41G20)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 114.5 Go [Fixed] ==> XP MBR Code
MBR_MD5 : B5612D2663288CDE1870C791DEF84AB8
MBR_SHA1 : F3846671D4E3AF0D349DD5EBFCCAB0B6B73DE5D5
Device\Harddisk0\Partition1 114.5 Go 0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________
############################### Additional scan ################################
SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3À.м.|ûP.P.ü¾.|
0x00000010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ¿..PW¹å.ó¤Ë½¾.±.
0x00000020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..Å.âôÍ..õ
0x00000030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B .Æ.It.8,tö.µ.´..
0x00000040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ð¬<.tü»..´.Í.ëò.
0x00000050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N.èF.s*þF..~..t.
0x00000060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t..¶.uÒ.F...
0x00000070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V..è!.s..¶.ë
0x00000080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ¼.>þ}Uªt..~..tÈ.
0x00000090 B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56 ·.ë©.ü.W.õË¿...V
0x000000A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .´.Í.r#.Á$?..Þ.ü
0x000000B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s.¸..».|
0x000000D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V.Í.sQOtN2ä.
0x000000E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V.Í.ëä.V.`»ªU´AÍ
0x000000F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6.ûUªu0öÁ.t+a`
0x00000100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j
0x00000110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j.´B.ôÍ.aas.Ot.
0x00000120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61 2ä.V.Í.ëÖaùÃInva
0x00000130 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61 lid partition ta
0x00000140 62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E ble.Error loadin
0x00000150 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0x00000160 65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61 em.Missing opera
0x00000170 74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00 ting system.....
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 63 FA B2 FA B2 00 00 80 01 .....,Dcú²ú²....
0x000001C0 01 00 07 FE FF FF 3F 00 00 00 E2 80 4F 0E 00 00 ...þ..?...â.O...
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
__________________________16_BIT_ASM_CODE
0x0000 33c0 XOR AX, AX
0x0002 8ed0 MOV SS, AX
0x0004 bc 007c MOV SP, 0x7c00
0x0007 fb STI
0x0008 50 PUSH AX
0x0009 07 POP ES
0x000A 50 PUSH AX
0x000B 1f POP DS
0x000C fc CLD
0x000D be 1b7c MOV SI, 0x7c1b
0x0010 bf 1b06 MOV DI, 0x61b
0x0013 50 PUSH AX
0x0014 57 PUSH DI
0x0015 b9 e501 MOV CX, 0x1e5
0x0018 f3 a4 REP MOVSB
0x001A cb RETF
0x001B bd be07 MOV BP, 0x7be
0x001E b1 04 MOV CL, 0x4
0x0020 386e 00 CMP [BP+0x0], CH
0x0023 7c 09 JL 0x2e
0x0025 75 13 JNZ 0x3a
0x0027 83c5 10 ADD BP, 0x10
0x002A e2 f4 LOOP 0x20
0x002C cd 18 INT 0x18
0x002E 8bf5 MOV SI, BP
0x0030 83c6 10 ADD SI, 0x10
0x0033 49 DEC CX
0x0034 74 19 JZ 0x4f
0x0036 382c CMP [SI], CH
0x0038 74 f6 JZ 0x30
0x003A a0 b507 MOV AL, [0x7b5]
0x003D b4 07 MOV AH, 0x7
0x003F 8bf0 MOV SI, AX
0x0041 ac LODSB
0x0042 3c 00 CMP AL, 0x0
0x0044 74 fc JZ 0x42
0x0046 bb 0700 MOV BX, 0x7
0x0049 b4 0e MOV AH, 0xe
0x004B cd 10 INT 0x10
0x004D eb f2 JMP 0x41
0x004F 884e 10 MOV [BP+0x10], CL
0x0052 e8 4600 CALL 0x9b
0x0055 73 2a JAE 0x81
0x0057 fe46 10 INC BYTE [BP+0x10]
0x005A 807e 04 0b CMP BYTE [BP+0x4], 0xb
0x005E 74 0b JZ 0x6b
0x0060 807e 04 0c CMP BYTE [BP+0x4], 0xc
0x0064 74 05 JZ 0x6b
0x0066 a0 b607 MOV AL, [0x7b6]
0x0069 75 d2 JNZ 0x3d
0x006B 8046 02 06 ADD BYTE [BP+0x2], 0x6
0x006F 8346 08 06 ADD WORD [BP+0x8], 0x6
0x0073 8356 0a 00 ADC WORD [BP+0xa], 0x0
0x0077 e8 2100 CALL 0x9b
0x007A 73 05 JAE 0x81
0x007C a0 b607 MOV AL, [0x7b6]
0x007F eb bc JMP 0x3d
0x0081 813e fe7d 55aa CMP WORD [0x7dfe], 0xaa55
0x0087 74 0b JZ 0x94
0x0089 807e 10 00 CMP BYTE [BP+0x10], 0x0
0x008D 74 c8 JZ 0x57
0x008F a0 b707 MOV AL, [0x7b7]
0x0092 eb a9 JMP 0x3d
0x0094 8bfc MOV DI, SP
0x0096 1e PUSH DS
0x0097 57 PUSH DI
0x0098 8bf5 MOV SI, BP
0x009A cb RETF
0x009B bf 0500 MOV DI, 0x5
0x009E 8a56 00 MOV DL, [BP+0x0]
0x00A1 b4 08 MOV AH, 0x8
0x00A3 cd 13 INT 0x13
0x00A5 72 23 JB 0xca
0x00A7 8ac1 MOV AL, CL
0x00A9 24 3f AND AL, 0x3f
0x00AB 98 CBW
0x00AC 8ade MOV BL, DH
0x00AE 8afc MOV BH, AH
0x00B0 43 INC BX
0x00B1 f7e3 MUL BX
0x00B3 8bd1 MOV DX, CX
0x00B5 86d6 XCHG DH, DL
0x00B7 b1 06 MOV CL, 0x6
0x00B9 d2ee SHR DH, CL
0x00BB 42 INC DX
0x00BC f7e2 MUL DX
0x00BE 3956 0a CMP [BP+0xa], DX
0x00C1 77 23 JA 0xe6
0x00C3 72 05 JB 0xca
0x00C5 3946 08 CMP [BP+0x8], AX
0x00C8 73 1c JAE 0xe6
0x00CA b8 0102 MOV AX, 0x201
0x00CD bb 007c MOV BX, 0x7c00
0x00D0 8b4e 02 MOV CX, [BP+0x2]
0x00D3 8b56 00 MOV DX, [BP+0x0]
0x00D6 cd 13 INT 0x13
0x00D8 73 51 JAE 0x12b
0x00DA 4f DEC DI
0x00DB 74 4e JZ 0x12b
0x00DD 32e4 XOR AH, AH
0x00DF 8a56 00 MOV DL, [BP+0x0]
0x00E2 cd 13 INT 0x13
0x00E4 eb e4 JMP 0xca
0x00E6 8a56 00 MOV DL, [BP+0x0]
0x00E9 60 PUSHA
0x00EA bb aa55 MOV BX, 0x55aa
0x00ED b4 41 MOV AH, 0x41
0x00EF cd 13 INT 0x13
0x00F1 72 36 JB 0x129
0x00F3 81fb 55aa CMP BX, 0xaa55
0x00F7 75 30 JNZ 0x129
0x00F9 f6c1 01 TEST CL, 0x1
0x00FC 74 2b JZ 0x129
0x00FE 61 POPA
0x00FF 60 PUSHA
0x0100 6a 00 PUSH 0x0
0x0102 6a 00 PUSH 0x0
0x0104 ff76 0a PUSH WORD [BP+0xa]
0x0107 ff76 08 PUSH WORD [BP+0x8]
0x010A 6a 00 PUSH 0x0
0x010C 68 007c PUSH 0x7c00
0x010F 6a 01 PUSH 0x1
0x0111 6a 10 PUSH 0x10
0x0113 b4 42 MOV AH, 0x42
0x0115 8bf4 MOV SI, SP
0x0117 cd 13 INT 0x13
0x0119 61 POPA
0x011A 61 POPA
0x011B 73 0e JAE 0x12b
0x011D 4f DEC DI
0x011E 74 0b JZ 0x12b
0x0120 32e4 XOR AH, AH
0x0122 8a56 00 MOV DL, [BP+0x0]
0x0125 cd 13 INT 0x13
0x0127 eb d6 JMP 0xff
0x0129 61 POPA
0x012A f9 STC
0x012B c3 RET
Re: Please check my log
It tells me here that the dat extension is not allowed.
Re: Please check my log
No change
19:34:57.0531 2536 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
19:34:57.0796 2536 ============================================================
19:34:57.0796 2536 Current date / time: 2012/05/18 19:34:57.0796
19:34:57.0796 2536 SystemInfo:
19:34:57.0796 2536
19:34:57.0796 2536 OS Version: 5.1.2600 ServicePack: 3.0
19:34:57.0796 2536 Product type: Workstation
19:34:57.0796 2536 ComputerName: ANDREJ-PC
19:34:57.0796 2536 UserName: Andrej
19:34:57.0796 2536 Windows directory: C:\WINDOWS
19:34:57.0796 2536 System windows directory: C:\WINDOWS
19:34:57.0796 2536 Processor architecture: Intel x86
19:34:57.0796 2536 Number of processors: 1
19:34:57.0796 2536 Page size: 0x1000
19:34:57.0796 2536 Boot type: Normal boot
19:34:57.0796 2536 ============================================================
19:35:03.0531 2536 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:35:03.0609 2536 ============================================================
19:35:03.0609 2536 \Device\Harddisk0\DR0:
19:35:03.0609 2536 MBR partitions:
19:35:03.0609 2536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
19:35:03.0609 2536 ============================================================
19:35:03.0625 2536 C: <-> \Device\Harddisk0\DR0\Partition0
19:35:03.0625 2536 ============================================================
19:35:03.0625 2536 Initialize success
19:35:03.0625 2536 ============================================================
19:35:05.0203 3752 ============================================================
19:35:05.0203 3752 Scan started
19:35:05.0203 3752 Mode: Manual;
19:35:05.0203 3752 ============================================================
19:35:06.0546 3752 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:35:06.0562 3752 Aavmker4 - ok
19:35:06.0625 3752 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:35:06.0640 3752 ACPI - ok
19:35:06.0671 3752 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:35:06.0687 3752 ACPIEC - ok
19:35:06.0765 3752 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:35:06.0812 3752 AdobeFlashPlayerUpdateSvc - ok
19:35:06.0875 3752 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
19:35:06.0875 3752 aeaudio - ok
19:35:06.0890 3752 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:35:06.0906 3752 aec - ok
19:35:06.0953 3752 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:35:06.0968 3752 AFD - ok
19:35:07.0000 3752 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
19:35:07.0015 3752 Alerter - ok
19:35:07.0093 3752 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
19:35:07.0140 3752 ALG - ok
19:35:07.0171 3752 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:35:07.0171 3752 AliIde - ok
19:35:07.0234 3752 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
19:35:07.0250 3752 AmdPPM - ok
19:35:07.0343 3752 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:35:07.0359 3752 Apple Mobile Device - ok
19:35:07.0390 3752 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
19:35:07.0437 3752 AppMgmt - ok
19:35:07.0562 3752 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:35:07.0609 3752 aspnet_state - ok
19:35:07.0656 3752 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:35:07.0671 3752 aswFsBlk - ok
19:35:07.0718 3752 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
19:35:07.0734 3752 aswMon2 - ok
19:35:07.0750 3752 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
19:35:07.0765 3752 aswRdr - ok
19:35:07.0843 3752 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
19:35:07.0859 3752 aswSnx - ok
19:35:07.0890 3752 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
19:35:07.0906 3752 aswSP - ok
19:35:07.0921 3752 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
19:35:07.0921 3752 aswTdi - ok
19:35:07.0968 3752 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:35:07.0968 3752 AsyncMac - ok
19:35:08.0000 3752 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:35:08.0000 3752 atapi - ok
19:35:08.0046 3752 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
19:35:08.0062 3752 Ati HotKey Poller - ok
19:35:08.0093 3752 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
19:35:08.0125 3752 ATI Smart - ok
19:35:08.0156 3752 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:35:08.0187 3752 ati2mtag - ok
19:35:08.0218 3752 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:35:08.0234 3752 Atmarpc - ok
19:35:08.0250 3752 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
19:35:08.0265 3752 AudioSrv - ok
19:35:08.0312 3752 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:35:08.0312 3752 audstub - ok
19:35:08.0406 3752 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:35:08.0421 3752 avast! Antivirus - ok
19:35:08.0515 3752 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:35:08.0515 3752 Beep - ok
19:35:08.0578 3752 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
19:35:08.0625 3752 BITS - ok
19:35:08.0703 3752 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:35:08.0718 3752 Bonjour Service - ok
19:35:08.0750 3752 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
19:35:08.0765 3752 Browser - ok
19:35:08.0828 3752 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:35:08.0843 3752 cbidf2k - ok
19:35:08.0859 3752 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:35:08.0875 3752 Cdaudio - ok
19:35:08.0890 3752 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:35:08.0890 3752 Cdfs - ok
19:35:08.0937 3752 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:35:08.0953 3752 Cdrom - ok
19:35:08.0984 3752 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
19:35:08.0984 3752 CiSvc - ok
19:35:09.0000 3752 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
19:35:09.0015 3752 ClipSrv - ok
19:35:09.0109 3752 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:35:09.0203 3752 clr_optimization_v2.0.50727_32 - ok
19:35:09.0531 3752 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:35:09.0562 3752 clr_optimization_v4.0.30319_32 - ok
19:35:09.0578 3752 COMSysApp - ok
19:35:09.0625 3752 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
19:35:09.0640 3752 CryptSvc - ok
19:35:09.0640 3752 dac2w2k - ok
19:35:09.0703 3752 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
19:35:09.0734 3752 DcomLaunch - ok
19:35:09.0765 3752 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
19:35:09.0812 3752 Dhcp - ok
19:35:09.0859 3752 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:35:09.0875 3752 Disk - ok
19:35:09.0875 3752 dmadmin - ok
19:35:09.0937 3752 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
19:35:09.0968 3752 dmboot - ok
19:35:09.0984 3752 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
19:35:10.0000 3752 dmio - ok
19:35:10.0031 3752 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:35:10.0031 3752 dmload - ok
19:35:10.0062 3752 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
19:35:10.0062 3752 dmserver - ok
19:35:10.0109 3752 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:35:10.0125 3752 DMusic - ok
19:35:10.0171 3752 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
19:35:10.0187 3752 Dnscache - ok
19:35:10.0234 3752 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
19:35:10.0234 3752 Dot3svc - ok
19:35:10.0250 3752 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:35:10.0250 3752 drmkaud - ok
19:35:10.0296 3752 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
19:35:10.0312 3752 EapHost - ok
19:35:10.0359 3752 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
19:35:10.0375 3752 ERSvc - ok
19:35:10.0437 3752 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
19:35:10.0453 3752 Eventlog - ok
19:35:10.0500 3752 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
19:35:10.0515 3752 EventSystem - ok
19:35:10.0562 3752 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:35:10.0562 3752 Fastfat - ok
19:35:10.0593 3752 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:35:10.0609 3752 FastUserSwitchingCompatibility - ok
19:35:10.0640 3752 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:35:10.0656 3752 Fdc - ok
19:35:10.0671 3752 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
19:35:10.0703 3752 Fips - ok
19:35:10.0718 3752 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:35:10.0734 3752 Flpydisk - ok
19:35:10.0765 3752 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:35:10.0781 3752 FltMgr - ok
19:35:10.0875 3752 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:35:10.0875 3752 FontCache3.0.0.0 - ok
19:35:10.0906 3752 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:35:10.0906 3752 Fs_Rec - ok
19:35:10.0937 3752 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:35:10.0937 3752 Ftdisk - ok
19:35:11.0000 3752 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:35:11.0000 3752 GEARAspiWDM - ok
19:35:11.0031 3752 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:35:11.0046 3752 Gpc - ok
19:35:11.0062 3752 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:35:11.0078 3752 helpsvc - ok
19:35:11.0109 3752 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
19:35:11.0140 3752 HidServ - ok
19:35:11.0187 3752 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:35:11.0187 3752 hidusb - ok
19:35:11.0234 3752 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
19:35:11.0250 3752 hkmsvc - ok
19:35:11.0296 3752 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:35:11.0312 3752 HTTP - ok
19:35:11.0359 3752 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
19:35:11.0390 3752 HTTPFilter - ok
19:35:11.0453 3752 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
19:35:11.0484 3752 i8042prt - ok
19:35:11.0578 3752 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:35:11.0578 3752 IDriverT - ok
19:35:11.0687 3752 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:35:11.0734 3752 idsvc - ok
19:35:11.0765 3752 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:35:11.0796 3752 Imapi - ok
19:35:11.0859 3752 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
19:35:11.0875 3752 ImapiService - ok
19:35:11.0921 3752 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:35:11.0937 3752 Ip6Fw - ok
19:35:11.0968 3752 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:35:11.0984 3752 IpFilterDriver - ok
19:35:11.0984 3752 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:35:12.0000 3752 IpInIp - ok
19:35:12.0015 3752 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:35:12.0031 3752 IpNat - ok
19:35:12.0140 3752 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
19:35:12.0171 3752 iPod Service - ok
19:35:12.0203 3752 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:35:12.0218 3752 IPSec - ok
19:35:12.0250 3752 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:35:12.0265 3752 IRENUM - ok
19:35:12.0343 3752 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:35:12.0343 3752 isapnp - ok
19:35:12.0515 3752 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
19:35:12.0562 3752 JavaQuickStarterService - ok
19:35:12.0593 3752 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:35:12.0609 3752 Kbdclass - ok
19:35:12.0625 3752 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:35:12.0625 3752 kbdhid - ok
19:35:12.0671 3752 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:35:12.0671 3752 kmixer - ok
19:35:12.0718 3752 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:35:12.0734 3752 KSecDD - ok
19:35:12.0781 3752 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
19:35:12.0828 3752 LanmanServer - ok
19:35:12.0890 3752 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
19:35:12.0906 3752 lanmanworkstation - ok
19:35:12.0953 3752 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
19:35:12.0968 3752 LmHosts - ok
19:35:13.0000 3752 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
19:35:13.0015 3752 m5289 - ok
19:35:13.0093 3752 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
19:35:13.0093 3752 McAfee SiteAdvisor Service - ok
19:35:13.0203 3752 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
19:35:13.0218 3752 McComponentHostService - ok
19:35:13.0234 3752 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
19:35:13.0250 3752 Messenger - ok
19:35:13.0296 3752 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:35:13.0296 3752 mnmdd - ok
19:35:13.0343 3752 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
19:35:13.0343 3752 mnmsrvc - ok
19:35:13.0375 3752 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
19:35:13.0390 3752 Modem - ok
19:35:13.0453 3752 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:35:13.0484 3752 Mouclass - ok
19:35:13.0500 3752 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:35:13.0515 3752 mouhid - ok
19:35:13.0531 3752 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:35:13.0562 3752 MountMgr - ok
19:35:13.0578 3752 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:35:13.0578 3752 MRxDAV - ok
19:35:13.0625 3752 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:35:13.0656 3752 MRxSmb - ok
19:35:13.0703 3752 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
19:35:13.0703 3752 MSDTC - ok
19:35:13.0750 3752 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:35:13.0781 3752 Msfs - ok
19:35:13.0781 3752 MSIServer - ok
19:35:13.0828 3752 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:35:13.0828 3752 MSKSSRV - ok
19:35:13.0843 3752 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:35:13.0843 3752 MSPCLOCK - ok
19:35:13.0843 3752 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:35:13.0859 3752 MSPQM - ok
19:35:13.0890 3752 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:35:13.0906 3752 mssmbios - ok
19:35:13.0937 3752 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:35:13.0953 3752 Mup - ok
19:35:14.0000 3752 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
19:35:14.0015 3752 napagent - ok
19:35:14.0140 3752 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
19:35:14.0156 3752 NAUpdate - ok
19:35:14.0234 3752 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
19:35:14.0265 3752 NBService - ok
19:35:14.0375 3752 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:35:14.0390 3752 NDIS - ok
19:35:14.0453 3752 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:35:14.0484 3752 NdisTapi - ok
19:35:14.0531 3752 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:35:14.0531 3752 Ndisuio - ok
19:35:14.0546 3752 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:35:14.0562 3752 NdisWan - ok
19:35:14.0609 3752 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:35:14.0625 3752 NDProxy - ok
19:35:14.0640 3752 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:35:14.0656 3752 NetBIOS - ok
19:35:14.0671 3752 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:35:14.0671 3752 NetBT - ok
19:35:14.0718 3752 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
19:35:14.0734 3752 NetDDE - ok
19:35:14.0734 3752 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
19:35:14.0750 3752 NetDDEdsdm - ok
19:35:14.0765 3752 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:35:14.0781 3752 Netlogon - ok
19:35:14.0812 3752 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
19:35:14.0828 3752 Netman - ok
19:35:14.0937 3752 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:35:14.0937 3752 NetTcpPortSharing - ok
19:35:14.0984 3752 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
19:35:15.0000 3752 Nla - ok
19:35:15.0109 3752 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
19:35:15.0140 3752 NMIndexingService - ok
19:35:15.0171 3752 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:35:15.0171 3752 Npfs - ok
19:35:15.0250 3752 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:35:15.0281 3752 Ntfs - ok
19:35:15.0312 3752 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:35:15.0312 3752 NtLmSsp - ok
19:35:15.0359 3752 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
19:35:15.0437 3752 NtmsSvc - ok
19:35:15.0468 3752 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:35:15.0468 3752 Null - ok
19:35:15.0531 3752 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:35:15.0546 3752 NwlnkFlt - ok
19:35:15.0562 3752 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:35:15.0578 3752 NwlnkFwd - ok
19:35:15.0671 3752 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:35:15.0703 3752 odserv - ok
19:35:15.0843 3752 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
19:35:15.0859 3752 OMSI download service - ok
19:35:15.0890 3752 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:35:15.0890 3752 ose - ok
19:35:15.0937 3752 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
19:35:15.0953 3752 Parport - ok
19:35:15.0984 3752 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:35:15.0984 3752 PartMgr - ok
19:35:16.0031 3752 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
19:35:16.0031 3752 ParVdm - ok
19:35:16.0046 3752 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
19:35:16.0078 3752 PCI - ok
19:35:16.0093 3752 PCIDump - ok
19:35:16.0140 3752 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:35:16.0156 3752 Pcmcia - ok
19:35:16.0203 3752 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
19:35:16.0218 3752 PlugPlay - ok
19:35:16.0234 3752 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:35:16.0250 3752 PolicyAgent - ok
19:35:16.0281 3752 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:35:16.0296 3752 PptpMiniport - ok
19:35:16.0312 3752 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
19:35:16.0328 3752 Processor - ok
19:35:16.0343 3752 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:35:16.0343 3752 ProtectedStorage - ok
19:35:16.0359 3752 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:35:16.0359 3752 PSched - ok
19:35:16.0406 3752 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:35:16.0437 3752 Ptilink - ok
19:35:16.0531 3752 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:35:16.0562 3752 PxHelp20 - ok
19:35:16.0578 3752 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:35:16.0593 3752 RasAcd - ok
19:35:16.0640 3752 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
19:35:16.0656 3752 RasAuto - ok
19:35:16.0703 3752 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:35:16.0750 3752 Rasl2tp - ok
19:35:16.0781 3752 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
19:35:16.0812 3752 RasMan - ok
19:35:16.0828 3752 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:35:16.0843 3752 RasPppoe - ok
19:35:16.0859 3752 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:35:16.0859 3752 Raspti - ok
19:35:16.0921 3752 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:35:16.0921 3752 Rdbss - ok
19:35:16.0937 3752 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:35:16.0937 3752 RDPCDD - ok
19:35:16.0968 3752 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:35:17.0000 3752 rdpdr - ok
19:35:17.0046 3752 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:35:17.0062 3752 RDPWD - ok
19:35:17.0078 3752 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
19:35:17.0093 3752 RDSessMgr - ok
19:35:17.0125 3752 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:35:17.0140 3752 redbook - ok
19:35:17.0187 3752 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
19:35:17.0187 3752 RemoteAccess - ok
19:35:17.0234 3752 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
19:35:17.0250 3752 RemoteRegistry - ok
19:35:17.0265 3752 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
19:35:17.0281 3752 RpcLocator - ok
19:35:17.0343 3752 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
19:35:17.0343 3752 RpcSs - ok
19:35:17.0375 3752 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
19:35:17.0390 3752 RSVP - ok
19:35:17.0500 3752 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:35:17.0515 3752 SamSs - ok
19:35:17.0546 3752 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
19:35:17.0562 3752 SCardSvr - ok
19:35:17.0656 3752 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
19:35:17.0687 3752 Schedule - ok
19:35:17.0703 3752 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:35:17.0718 3752 Secdrv - ok
19:35:17.0734 3752 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
19:35:17.0750 3752 seclogon - ok
19:35:17.0796 3752 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
19:35:17.0812 3752 seehcri - ok
19:35:17.0828 3752 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
19:35:17.0843 3752 SENS - ok
19:35:17.0890 3752 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:35:17.0906 3752 serenum - ok
19:35:17.0921 3752 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
19:35:17.0921 3752 Serial - ok
19:35:17.0968 3752 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:35:17.0968 3752 Sfloppy - ok
19:35:18.0031 3752 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
19:35:18.0046 3752 SharedAccess - ok
19:35:18.0093 3752 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:35:18.0093 3752 ShellHWDetection - ok
19:35:18.0140 3752 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
19:35:18.0171 3752 smwdm - ok
19:35:18.0234 3752 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
19:35:18.0234 3752 SoundMAX Agent Service (default) - ok
19:35:18.0265 3752 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:35:18.0265 3752 splitter - ok
19:35:18.0312 3752 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:35:18.0312 3752 Spooler - ok
19:35:18.0390 3752 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
19:35:18.0390 3752 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:35:18.0390 3752 sptd ( LockedFile.Multi.Generic ) - warning
19:35:18.0390 3752 sptd - detected LockedFile.Multi.Generic (1)
19:35:18.0531 3752 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
19:35:18.0546 3752 sr - ok
19:35:18.0578 3752 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
19:35:18.0593 3752 srservice - ok
19:35:18.0625 3752 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:35:18.0656 3752 Srv - ok
19:35:18.0703 3752 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
19:35:18.0718 3752 SSDPSRV - ok
19:35:18.0734 3752 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
19:35:18.0765 3752 stisvc - ok
19:35:18.0812 3752 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:35:18.0812 3752 swenum - ok
19:35:18.0859 3752 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:35:18.0875 3752 swmidi - ok
19:35:18.0875 3752 SwPrv - ok
19:35:18.0906 3752 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:35:18.0906 3752 sysaudio - ok
19:35:18.0937 3752 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
19:35:18.0953 3752 SysmonLog - ok
19:35:18.0984 3752 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
19:35:19.0000 3752 TapiSrv - ok
19:35:19.0062 3752 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:35:19.0078 3752 Tcpip - ok
19:35:19.0125 3752 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:35:19.0140 3752 TDPIPE - ok
19:35:19.0156 3752 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:35:19.0171 3752 TDTCP - ok
19:35:19.0203 3752 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:35:19.0218 3752 TermDD - ok
19:35:19.0250 3752 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
19:35:19.0265 3752 TermService - ok
19:35:19.0312 3752 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:35:19.0312 3752 Themes - ok
19:35:19.0343 3752 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
19:35:19.0359 3752 TlntSvr - ok
19:35:19.0390 3752 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
19:35:19.0484 3752 TrkWks - ok
19:35:19.0515 3752 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:35:19.0562 3752 Udfs - ok
19:35:19.0625 3752 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
19:35:19.0640 3752 ULI5261 - ok
19:35:19.0656 3752 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
19:35:19.0671 3752 uliagpkx - ok
19:35:19.0687 3752 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:35:19.0718 3752 Update - ok
19:35:19.0750 3752 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
19:35:19.0765 3752 upnphost - ok
19:35:19.0781 3752 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
19:35:19.0796 3752 UPS - ok
19:35:19.0828 3752 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:35:19.0843 3752 usbccgp - ok
19:35:19.0859 3752 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:35:19.0859 3752 usbehci - ok
19:35:19.0890 3752 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:35:19.0921 3752 usbhub - ok
19:35:19.0937 3752 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:35:19.0953 3752 usbohci - ok
19:35:19.0984 3752 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:35:20.0000 3752 usbprint - ok
19:35:20.0031 3752 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:35:20.0031 3752 usbscan - ok
19:35:20.0062 3752 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
19:35:20.0062 3752 usbser - ok
19:35:20.0093 3752 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:35:20.0125 3752 USBSTOR - ok
19:35:20.0140 3752 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:35:20.0156 3752 VgaSave - ok
19:35:20.0171 3752 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
19:35:20.0187 3752 VolSnap - ok
19:35:20.0218 3752 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
19:35:20.0250 3752 VSS - ok
19:35:20.0281 3752 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
19:35:20.0296 3752 W32Time - ok
19:35:20.0328 3752 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:35:20.0343 3752 Wanarp - ok
19:35:20.0390 3752 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:35:20.0390 3752 wdmaud - ok
19:35:20.0484 3752 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
19:35:20.0515 3752 WebClient - ok
19:35:20.0625 3752 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:35:20.0656 3752 winmgmt - ok
19:35:20.0750 3752 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
19:35:20.0796 3752 WinRM - ok
19:35:20.0843 3752 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:35:20.0843 3752 WmdmPmSN - ok
19:35:20.0906 3752 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
19:35:20.0937 3752 Wmi - ok
19:35:21.0015 3752 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:35:21.0031 3752 WmiApSrv - ok
19:35:21.0140 3752 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:35:21.0156 3752 WMPNetworkSvc - ok
19:35:21.0265 3752 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:35:21.0296 3752 WpdUsb - ok
19:35:21.0421 3752 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:35:21.0546 3752 WPFFontCache_v0400 - ok
19:35:21.0593 3752 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:35:21.0609 3752 WS2IFSL - ok
19:35:21.0656 3752 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
19:35:21.0671 3752 wscsvc - ok
19:35:21.0687 3752 WSearch - ok
19:35:21.0734 3752 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
19:35:21.0734 3752 wuauserv - ok
19:35:21.0796 3752 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:35:21.0812 3752 WudfPf - ok
19:35:21.0843 3752 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:35:21.0859 3752 WudfRd - ok
19:35:21.0890 3752 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:35:21.0906 3752 WudfSvc - ok
19:35:21.0937 3752 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
19:35:21.0968 3752 WZCSVC - ok
19:35:22.0000 3752 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
19:35:22.0015 3752 xmlprov - ok
19:35:22.0046 3752 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:35:22.0406 3752 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
19:35:22.0406 3752 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
19:35:22.0437 3752 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
19:35:22.0437 3752 \Device\Harddisk0\DR0\Partition0 - ok
19:35:22.0453 3752 ============================================================
19:35:22.0453 3752 Scan finished
19:35:22.0453 3752 ============================================================
19:35:22.0468 2304 Detected object count: 2
19:35:22.0468 2304 Actual detected object count: 2
19:35:29.0937 2304 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:35:29.0937 2304 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:35:29.0937 2304 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
19:35:29.0937 2304 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip

19:35:17.0921 3752 Serial - ok
19:35:17.0968 3752 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:35:17.0968 3752 Sfloppy - ok
19:35:18.0031 3752 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
19:35:18.0046 3752 SharedAccess - ok
19:35:18.0093 3752 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:35:18.0093 3752 ShellHWDetection - ok
19:35:18.0140 3752 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
19:35:18.0171 3752 smwdm - ok
19:35:18.0234 3752 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
19:35:18.0234 3752 SoundMAX Agent Service (default) - ok
19:35:18.0265 3752 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:35:18.0265 3752 splitter - ok
19:35:18.0312 3752 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:35:18.0312 3752 Spooler - ok
19:35:18.0390 3752 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
19:35:18.0390 3752 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:35:18.0390 3752 sptd ( LockedFile.Multi.Generic ) - warning
19:35:18.0390 3752 sptd - detected LockedFile.Multi.Generic (1)
19:35:18.0531 3752 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
19:35:18.0546 3752 sr - ok
19:35:18.0578 3752 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
19:35:18.0593 3752 srservice - ok
19:35:18.0625 3752 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:35:18.0656 3752 Srv - ok
19:35:18.0703 3752 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
19:35:18.0718 3752 SSDPSRV - ok
19:35:18.0734 3752 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
19:35:18.0765 3752 stisvc - ok
19:35:18.0812 3752 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:35:18.0812 3752 swenum - ok
19:35:18.0859 3752 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:35:18.0875 3752 swmidi - ok
19:35:18.0875 3752 SwPrv - ok
19:35:18.0906 3752 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:35:18.0906 3752 sysaudio - ok
19:35:18.0937 3752 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
19:35:18.0953 3752 SysmonLog - ok
19:35:18.0984 3752 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
19:35:19.0000 3752 TapiSrv - ok
19:35:19.0062 3752 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:35:19.0078 3752 Tcpip - ok
19:35:19.0125 3752 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:35:19.0140 3752 TDPIPE - ok
19:35:19.0156 3752 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:35:19.0171 3752 TDTCP - ok
19:35:19.0203 3752 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:35:19.0218 3752 TermDD - ok
19:35:19.0250 3752 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
19:35:19.0265 3752 TermService - ok
19:35:19.0312 3752 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:35:19.0312 3752 Themes - ok
19:35:19.0343 3752 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
19:35:19.0359 3752 TlntSvr - ok
19:35:19.0390 3752 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
19:35:19.0484 3752 TrkWks - ok
19:35:19.0515 3752 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:35:19.0562 3752 Udfs - ok
19:35:19.0625 3752 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
19:35:19.0640 3752 ULI5261 - ok
19:35:19.0656 3752 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
19:35:19.0671 3752 uliagpkx - ok
19:35:19.0687 3752 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:35:19.0718 3752 Update - ok
19:35:19.0750 3752 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
19:35:19.0765 3752 upnphost - ok
19:35:19.0781 3752 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
19:35:19.0796 3752 UPS - ok
19:35:19.0828 3752 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:35:19.0843 3752 usbccgp - ok
19:35:19.0859 3752 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:35:19.0859 3752 usbehci - ok
19:35:19.0890 3752 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:35:19.0921 3752 usbhub - ok
19:35:19.0937 3752 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:35:19.0953 3752 usbohci - ok
19:35:19.0984 3752 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:35:20.0000 3752 usbprint - ok
19:35:20.0031 3752 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:35:20.0031 3752 usbscan - ok
19:35:20.0062 3752 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
19:35:20.0062 3752 usbser - ok
19:35:20.0093 3752 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:35:20.0125 3752 USBSTOR - ok
19:35:20.0140 3752 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:35:20.0156 3752 VgaSave - ok
19:35:20.0171 3752 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
19:35:20.0187 3752 VolSnap - ok
19:35:20.0218 3752 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
19:35:20.0250 3752 VSS - ok
19:35:20.0281 3752 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
19:35:20.0296 3752 W32Time - ok
19:35:20.0328 3752 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:35:20.0343 3752 Wanarp - ok
19:35:20.0390 3752 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:35:20.0390 3752 wdmaud - ok
19:35:20.0484 3752 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
19:35:20.0515 3752 WebClient - ok
19:35:20.0625 3752 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:35:20.0656 3752 winmgmt - ok
19:35:20.0750 3752 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
19:35:20.0796 3752 WinRM - ok
19:35:20.0843 3752 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:35:20.0843 3752 WmdmPmSN - ok
19:35:20.0906 3752 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
19:35:20.0937 3752 Wmi - ok
19:35:21.0015 3752 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:35:21.0031 3752 WmiApSrv - ok
19:35:21.0140 3752 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:35:21.0156 3752 WMPNetworkSvc - ok
19:35:21.0265 3752 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:35:21.0296 3752 WpdUsb - ok
19:35:21.0421 3752 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:35:21.0546 3752 WPFFontCache_v0400 - ok
19:35:21.0593 3752 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:35:21.0609 3752 WS2IFSL - ok
19:35:21.0656 3752 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
19:35:21.0671 3752 wscsvc - ok
19:35:21.0687 3752 WSearch - ok
19:35:21.0734 3752 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
19:35:21.0734 3752 wuauserv - ok
19:35:21.0796 3752 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:35:21.0812 3752 WudfPf - ok
19:35:21.0843 3752 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:35:21.0859 3752 WudfRd - ok
19:35:21.0890 3752 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:35:21.0906 3752 WudfSvc - ok
19:35:21.0937 3752 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
19:35:21.0968 3752 WZCSVC - ok
19:35:22.0000 3752 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
19:35:22.0015 3752 xmlprov - ok
19:35:22.0046 3752 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:35:22.0406 3752 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
19:35:22.0406 3752 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
19:35:22.0437 3752 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
19:35:22.0437 3752 \Device\Harddisk0\DR0\Partition0 - ok
19:35:22.0453 3752 ============================================================
19:35:22.0453 3752 Scan finished
19:35:22.0453 3752 ============================================================
19:35:22.0468 2304 Detected object count: 2
19:35:22.0468 2304 Actual detected object count: 2
19:35:29.0937 2304 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:35:29.0937 2304 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:35:29.0937 2304 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
19:35:29.0937 2304 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip