Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/
Kód: Vybrat vše
Logfile of random's system information tool 1.09 (written by random/random)
Run by RADKA at 2012-03-24 20:57:10
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 205 GB (86%) free of 238 GB
Total RAM: 2047 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:19, on 24.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\RADKA\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Users\RADKA\Desktop\RSIT.exe
C:\Program Files\trend micro\RADKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\RapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\RapidownGet.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\Rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\Rapidown.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F06D6CE6-E9F0-4CCA-B22F-B4D774463CBD}: NameServer = 192.168.24.2,213.46.172.37
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
--
End of file - 7991 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\RADKA\AppData\Roaming\Mozilla\Firefox\Profiles\ykzjht4c.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f86e7f6b0000000000000250f2000001&tlver=1.4.35.10&affID=100842"
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\RADKA\AppData\Roaming\Mozilla\Firefox\Profiles\ykzjht4c.default\extensions\
battlefieldheroespatcher@ea.com
battlefieldplay4free@ea.com
ffxtlbr@Facemoods.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-19 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-19 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll [2011-08-19 790304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} -
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2012-01-27 441016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2005-10-27 299008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2009-09-03 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2006-12-04 372736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2006-12-06 69632]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-03-24 20:57:11 ----D---- C:\Program Files\trend micro
2012-03-24 15:35:01 ----D---- C:\Program Files\Common Files\Skype
2012-03-24 15:34:57 ----RD---- C:\Program Files\Skype
2012-03-24 15:32:40 ----D---- C:\Windows\system32\appmgmt
2012-03-24 14:46:26 ----D---- C:\Program Files\Rockstar Games
2012-03-21 17:19:25 ----D---- C:\ProgramData\Bluetooth
2012-03-21 17:17:44 ----D---- C:\Program Files\IVT Corporation
2012-03-19 11:35:01 ----A---- C:\Windows\system32\javaws.exe
2012-03-19 11:35:01 ----A---- C:\Windows\system32\javaw.exe
2012-03-19 11:35:01 ----A---- C:\Windows\system32\java.exe
2012-03-18 11:32:46 ----D---- C:\Users\RADKA\AppData\Roaming\.minecraft
2012-03-17 20:27:34 ----D---- C:\Program Files\Microsoft Security Client
2012-03-15 17:31:04 ----D---- C:\Program Files\Common Files\Sony Shared
2012-03-15 17:30:02 ----D---- C:\ProgramData\Sony Corporation
2012-03-15 17:27:59 ----D---- C:\Program Files\Sony Media Go Install
2012-03-15 17:27:58 ----D---- C:\Users\RADKA\AppData\Roaming\Sony
2012-03-15 17:24:38 ----D---- C:\ProgramData\Sony
2012-03-15 17:24:38 ----D---- C:\Program Files\Sony
2012-03-14 14:32:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-03-14 14:32:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 14:30:35 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 14:30:28 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 14:29:22 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 14:29:21 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 14:29:18 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 14:28:41 ----A---- C:\Windows\system32\rdpcorets.dll
2012-03-14 14:28:40 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 14:28:38 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 14:28:36 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-11 12:54:53 ----A---- C:\DARE.INI
2012-03-11 12:49:32 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-03-11 12:49:32 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-03-11 12:49:31 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-03-11 12:48:23 ----D---- C:\ProgramData\InstallShield
2012-03-10 20:53:50 ----A---- C:\Windows\system32\pbsvc.exe
2012-03-10 20:43:15 ----D---- C:\Program Files\Ubisoft
2012-03-10 14:34:39 ----A---- C:\Windows\system32\drivers\atksgt.sys
2012-03-10 14:34:38 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2012-03-09 21:42:27 ----D---- C:\ProgramData\TrackMania
2012-03-06 14:29:31 ----D---- C:\Users\RADKA\AppData\Roaming\Audacity
2012-03-06 14:29:13 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2012-03-04 13:04:44 ----D---- C:\Program Files\Common Files\BioWare
2012-03-04 12:53:36 ----D---- C:\Users\RADKA\AppData\Roaming\DAEMON Tools Lite
2012-03-04 12:53:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-03-02 18:43:10 ----D---- C:\Program Files\NVIDIA Corporation
2012-02-29 18:02:00 ----A---- C:\Windows\window-title-changer.INI
2012-02-25 22:05:55 ----D---- C:\Fraps
2012-02-25 21:41:52 ----D---- C:\Windows\cs
2012-02-25 21:39:09 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-02-25 21:37:04 ----D---- C:\Program Files\Windows Live
2012-02-25 21:23:56 ----D---- C:\Program Files\Common Files\Windows Live
======List of files/folders modified in the last 1 month======
2012-03-24 20:57:11 ----RD---- C:\Program Files
2012-03-24 20:56:52 ----D---- C:\Windows\Temp
2012-03-24 20:40:27 ----D---- C:\Users\RADKA\AppData\Roaming\Skype
2012-03-24 17:59:58 ----D---- C:\Windows\system32\config
2012-03-24 17:46:17 ----D---- C:\Windows
2012-03-24 17:45:41 ----HD---- C:\Config.Msi
2012-03-24 17:45:04 ----D---- C:\Windows\system32\catroot
2012-03-24 17:08:51 ----SHD---- C:\System Volume Information
2012-03-24 16:09:07 ----SHD---- C:\Windows\Installer
2012-03-24 16:09:06 ----D---- C:\Windows\system32\drivers
2012-03-24 16:09:03 ----D---- C:\Windows\inf
2012-03-24 16:09:00 ----D---- C:\Windows\system32\DriverStore
2012-03-24 16:07:40 ----D---- C:\Windows\Minidump
2012-03-24 15:35:01 ----D---- C:\Program Files\Common Files
2012-03-24 15:34:57 ----D---- C:\ProgramData\Skype
2012-03-24 15:32:40 ----D---- C:\Windows\System32
2012-03-24 15:09:19 ----HD---- C:\Program Files\InstallShield Installation Information
2012-03-24 15:02:31 ----D---- C:\Users\RADKA\AppData\Roaming\uTorrent
2012-03-24 11:13:09 ----D---- C:\Windows\system32\NDF
2012-03-23 19:33:07 ----D---- C:\Program Files\Mozilla Firefox
2012-03-23 14:03:59 ----D---- C:\Windows\ModemLogs
2012-03-21 17:19:25 ----HD---- C:\ProgramData
2012-03-21 16:42:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-21 14:49:39 ----D---- C:\Program Files\Seznam.cz
2012-03-21 14:49:01 ----D---- C:\Windows\system32\catroot2
2012-03-21 14:04:42 ----D---- C:\Windows\system32\Tasks
2012-03-20 17:21:57 ----SD---- C:\Users\RADKA\AppData\Roaming\Microsoft
2012-03-19 11:34:52 ----A---- C:\Windows\system32\deployJava1.dll
2012-03-18 16:12:53 ----D---- C:\Windows\Logs
2012-03-18 10:46:00 ----RSD---- C:\Windows\assembly
2012-03-17 20:26:11 ----D---- C:\ProgramData\AVAST Software
2012-03-17 08:38:16 ----D---- C:\Windows\debug
2012-03-15 17:29:31 ----D---- C:\Windows\winsxs
2012-03-15 17:22:47 ----D---- C:\Windows\system32\drivers\UMDF
2012-03-14 14:33:00 ----A---- C:\Windows\system32\MRT.exe
2012-03-12 15:25:49 ----RSD---- C:\Windows\Fonts
2012-03-11 14:29:38 ----D---- C:\Program Files\SUPERAntiSpyware
2012-03-11 12:48:23 ----D---- C:\Users\RADKA\AppData\Roaming\InstallShield
2012-03-11 12:47:47 ----D---- C:\ProgramData\Ubisoft
2012-03-11 12:40:25 ----D---- C:\Windows\Downloaded Program Files
2012-03-11 12:40:24 ----D---- C:\Program Files\Common Files\InstallShield
2012-03-10 20:53:57 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-03-10 20:53:51 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-03-09 16:29:50 ----D---- C:\Windows\Microsoft.NET
2012-03-02 18:43:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-03-02 15:12:21 ----D---- C:\Windows\system32\wdi
2012-03-02 15:12:20 ----D---- C:\Windows\Prefetch
2012-02-29 11:02:00 ----D---- C:\Windows\SoftwareDistribution
2012-02-26 17:19:44 ----SD---- C:\ProgramData\Microsoft
2012-02-25 21:36:18 ----D---- C:\Program Files\Common Files\microsoft shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-04 473656]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver; C:\Windows\system32\DRIVERS\wfcxacap.sys [2006-08-07 9856]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-10 83872]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-10 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 wfcxatun;WinFast TV Analog Tuner Driver; C:\Windows\system32\drivers\wfcxatun.sys [2006-08-07 31616]
R2 WFCXVCAP;WinFast TV Video Capture Driver; C:\Windows\system32\drivers\wfcxvcap.sys [2006-08-07 167424]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2009-11-02 20480]
R3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb16.sys [2009-06-25 9216]
R3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter; C:\Windows\system32\DRIVERS\gogotun.sys [2010-03-22 21064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-01-25 3386792]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
R3 V0260VID;Live! Cam Vista IM; C:\Windows\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; C:\Windows\system32\drivers\wfcxdtun.sys [2006-08-07 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; C:\Windows\system32\drivers\wfcxtcap.sys [2006-08-07 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver; C:\Windows\system32\drivers\wfcxxbar.sys [2006-08-07 10496]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S1 CXAVSAUD;Prolink 2388x Audio Capture; C:\Windows\system32\DRIVERS\pvavsaud.sys [2005-10-25 11008]
S2 CX23880;Conexant 23881 Video Capture; C:\Windows\system32\drivers\cx88vid.sys [2004-01-07 188671]
S2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 9446]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-03-10 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-03-10 107832]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-04 1523008]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe []
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe []
S4 FileZilla Server;FileZilla Server FTP server; C:\xampp\filezillaftp\filezillaserver.exe []
S4 GeniusMouseService;GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [2010-03-11 12288]
S4 gogoc;gogo6 gogoCLIENT; C:\Program Files\gogo6\gogoCLIENT\gogoc.exe [2010-03-22 390472]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-03-28 4323256]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S4 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
-----------------EOF-----------------
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Kód: Vybrat vše
ComboFix 12-03-22.01 - RADKA 24.03.2012 21:17:04.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1489 [GMT 1:00]
Spuštěný z: d:\users\RADKA\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\Install.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\RADKA\AppData\Local\assembly\tmp
c:\users\RADKA\AppData\Roaming\7za.exe
c:\users\RADKA\AppData\Roaming\RADKAlog.dat
c:\users\RADKA\AppData\Roaming\Server.7z
c:\users\RADKA\AppData\Roaming\vso_ts_preview.xml
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Dvbpws.dll
c:\windows\system32\tmp5550.tmp
c:\windows\system32\tmp5561.tmp
c:\windows\system32\tmpADD1.tmp
c:\windows\system32\tmpADD2.tmp
c:\windows\system32\tmpB487.tmp
c:\windows\system32\tmpB488.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-24 do 2012-03-24 )))))))))))))))))))))))))))))))
.
.
2012-03-24 20:22 . 2012-03-24 20:22 -------- d-----w- c:\users\RADKA\AppData\Local\temp
2012-03-24 20:22 . 2012-03-24 20:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-24 19:57 . 2012-03-24 19:57 -------- d-----w- c:\program files\trend micro
2012-03-24 14:35 . 2012-03-24 14:35 -------- d-----w- c:\program files\Common Files\Skype
2012-03-24 14:34 . 2012-03-24 14:35 -------- d-----r- c:\program files\Skype
2012-03-24 14:28 . 2012-03-24 14:28 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{047C6C41-AA49-4B23-9EE9-1E9E4CDCF1C3}\offreg.dll
2012-03-24 13:46 . 2012-03-24 13:46 -------- d-----w- c:\program files\Rockstar Games
2012-03-23 18:38 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{047C6C41-AA49-4B23-9EE9-1E9E4CDCF1C3}\mpengine.dll
2012-03-21 16:19 . 2012-03-24 15:09 -------- d-----w- c:\programdata\Bluetooth
2012-03-21 16:17 . 2012-03-21 16:17 -------- d-----w- c:\program files\IVT Corporation
2012-03-19 10:14 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-18 10:32 . 2012-03-24 13:40 -------- d-----w- c:\users\RADKA\AppData\Roaming\.minecraft
2012-03-17 19:34 . 2012-02-09 12:17 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59A5F76A-3AF3-4821-9A40-418E6CD14136}\gapaengine.dll
2012-03-17 19:27 . 2012-03-17 19:28 -------- d-----w- c:\program files\Microsoft Security Client
2012-03-16 13:25 . 2012-02-08 06:03 6552120 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A468FF7-AA86-47EF-ABDB-0D85FA8346FD}\mpengine.dll
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\AppData\Local\Sony
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\Podcasts
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\program files\Common Files\Sony Shared
2012-03-15 16:30 . 2012-03-15 16:30 -------- d-----w- c:\users\RADKA\AppData\Local\Downloaded Installations
2012-03-15 16:30 . 2012-03-15 16:30 -------- d-----w- c:\programdata\Sony Corporation
2012-03-15 16:27 . 2012-03-15 16:28 -------- d-----w- c:\program files\Sony Media Go Install
2012-03-15 16:27 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\AppData\Roaming\Sony
2012-03-15 16:24 . 2012-03-15 16:30 -------- d-----w- c:\program files\Sony
2012-03-15 16:24 . 2012-03-15 16:24 -------- d-----w- c:\programdata\Sony
2012-03-14 13:32 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 13:32 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 13:30 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 13:30 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 13:29 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:29 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:29 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 13:28 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 13:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 13:28 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 13:28 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-11 11:54 . 2012-03-11 11:54 -------- d-----w- c:\users\RADKA\AppData\Local\Ubisoft
2012-03-11 11:49 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-03-11 11:49 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-03-11 11:49 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-03-11 11:48 . 2012-03-11 11:48 -------- d-----w- c:\programdata\InstallShield
2012-03-11 11:40 . 2007-04-27 09:12 394184 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2012-03-11 11:40 . 2006-09-10 20:56 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2012-03-11 11:40 . 2006-09-10 20:56 992176 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2012-03-11 11:40 . 2006-09-10 20:56 283568 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2012-03-10 19:53 . 2012-03-10 19:53 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2012-03-10 19:43 . 2012-03-24 14:06 -------- d-----w- c:\program files\Ubisoft
2012-03-10 13:34 . 2012-03-10 17:55 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-03-10 13:34 . 2012-03-10 17:55 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-03-09 20:42 . 2012-03-09 21:47 -------- d-----w- c:\programdata\TrackMania
2012-03-06 13:29 . 2012-03-16 17:33 -------- d-----w- c:\users\RADKA\AppData\Roaming\Audacity
2012-03-06 13:29 . 2012-03-06 13:29 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2012-03-04 12:04 . 2012-03-17 07:41 -------- d-----w- c:\program files\Common Files\BioWare
2012-03-04 11:53 . 2012-03-05 13:56 -------- d-----w- c:\users\RADKA\AppData\Roaming\DAEMON Tools Lite
2012-03-04 11:53 . 2012-03-04 11:53 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-03-02 17:45 . 2012-03-02 17:45 -------- d-----w- c:\users\RADKA\AppData\Local\PAYDAY
2012-03-02 17:43 . 2012-03-02 17:43 -------- d-----w- c:\program files\NVIDIA Corporation
2012-02-25 21:05 . 2012-02-25 21:06 -------- d-----w- C:\Fraps
2012-02-25 20:41 . 2012-02-25 20:41 -------- d-----w- c:\windows\cs
2012-02-25 20:39 . 2012-02-25 20:39 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-02-25 20:37 . 2012-02-25 20:38 -------- d-----w- c:\program files\Windows Live
2012-02-25 20:23 . 2012-02-29 14:59 -------- d-----w- c:\users\RADKA\AppData\Local\Windows Live
2012-02-25 20:23 . 2012-02-25 20:23 -------- d-----w- c:\program files\Common Files\Windows Live
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 10:34 . 2011-05-08 21:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-10 19:54 . 2011-09-29 19:22 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-03-10 19:54 . 2011-09-29 19:22 22328 ----a-w- c:\users\RADKA\AppData\Roaming\PnkBstrK.sys
2012-03-10 19:53 . 2011-09-29 19:21 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-03-10 19:53 . 2011-09-29 19:21 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-03-04 11:55 . 2011-05-08 21:21 473656 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-02-25 20:36 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-17 18:39 . 2011-08-22 18:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-31 03:59 . 2011-05-08 17:58 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-19 13:38 . 2012-01-18 18:47 21840 ----atw- c:\windows\system32\SIntfNT.dll
2012-01-19 13:38 . 2012-01-18 18:47 17212 ----atw- c:\windows\system32\SIntf32.dll
2012-01-19 13:38 . 2012-01-18 18:47 12067 ----atw- c:\windows\system32\SIntf16.dll
2012-01-18 18:54 . 2012-01-18 18:53 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-01-04 08:58 . 2012-02-15 13:29 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27 . 2012-02-15 13:29 478720 ----a-w- c:\windows\system32\timedate.cpl
2011-08-12 03:15 . 2011-08-30 10:25 126976 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-01-27 441016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 10:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2011-01-18 18:47 10025576 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-10 21:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2006-12-04 10:01 372736 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
2006-12-06 14:57 69632 ----a-w- c:\program files\WinFast\WFDTV\DTVSchdl.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"nvidia"=c:\windows\rundll33.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 CXAVSAUD;Prolink 2388x Audio Capture;c:\windows\system32\DRIVERS\pvavsaud.sys [2005-10-25 11008]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/06 14:46];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 9446]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
R4 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R4 gogoc;gogo6 gogoCLIENT;c:\program files\gogo6\gogoCLIENT\gogoc.exe [2010-03-22 390472]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-03-28 4323256]
R4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R4 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\DRIVERS\wfcxacap.sys [2006-08-07 9856]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-04 1523008]
S2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [2006-08-07 31616]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [2006-08-07 167424]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb16;USB 16-bit Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb16.sys [2009-06-25 9216]
S3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter;c:\windows\system32\DRIVERS\gogotun.sys [2010-03-22 21064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [2006-08-07 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [2006-08-07 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [2006-08-07 10496]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001Core.job
- c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-08 20:33]
.
2012-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001UA.job
- c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-08 20:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
IE: Download all by Rapidown... - c:\program files\Rapidown\RapidownGetAll.htm
IE: Download by Rapidown... - c:\program files\Rapidown\RapidownGet.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{57E91B47-F40A-11D1-B792-444553540011} - c:\program files\Rapidown\Rapidown.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.24.2 213.46.172.37
TCP: Interfaces\{F06D6CE6-E9F0-4CCA-B22F-B4D774463CBD}: NameServer = 192.168.24.2,213.46.172.37
FF - ProfilePath - c:\users\RADKA\AppData\Roaming\Mozilla\Firefox\Profiles\ykzjht4c.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f86e7f6b0000000000000250f2000001&tlver=1.4.35.10&affID=100842
FF - prefs.js: network.proxy.type - 4
FF - user.js: extentions.y2layers.installId - e4bb388c-1b80-48dc-a3f0-f0f5d87ed164
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
MSConfigStartUp-RemoteControl11 - c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe
AddRemove-OpenAL - c:\program files\OpenAL\OpenAL 2.0.7.0
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD2500KS-00MJB0 rev.02.01C03 -> Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-3
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-24 21:24:45
ComboFix-quarantined-files.txt 2012-03-24 20:24
.
Před spuštěním: Volných bajtů: 214 453 080 064
Po spuštění: Volných bajtů: 214 382 936 064
.
- - End Of File - - 6F79E0096BF32458BA81B48C00E2C526
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
Collect::
c:\windows\system32\XDva391.sys
Driver::
XDva391
Firefox::
FF - ProfilePath - c:\users\RADKA\AppData\Roaming\Mozilla\Firefox\Profiles\ykzjht4c.default\
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f86e7f6b0000000000000250f2000001&tlver=1.4.35.10&affID=100842
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::
Kód: Vybrat vše
23:20:59.0339 3604 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
23:20:59.0432 3604 ============================================================
23:20:59.0432 3604 Current date / time: 2012/03/24 23:20:59.0432
23:20:59.0432 3604 SystemInfo:
23:20:59.0432 3604
23:20:59.0432 3604 OS Version: 6.1.7601 ServicePack: 1.0
23:20:59.0432 3604 Product type: Workstation
23:20:59.0432 3604 ComputerName: RADKA-PC
23:20:59.0432 3604 UserName: RADKA
23:20:59.0432 3604 Windows directory: C:\Windows
23:20:59.0432 3604 System windows directory: C:\Windows
23:20:59.0432 3604 Processor architecture: Intel x86
23:20:59.0432 3604 Number of processors: 2
23:20:59.0432 3604 Page size: 0x1000
23:20:59.0432 3604 Boot type: Normal boot
23:20:59.0432 3604 ============================================================
23:21:02.0396 3604 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
23:21:02.0396 3604 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:21:02.0459 3604 \Device\Harddisk1\DR1:
23:21:02.0459 3604 MBR used
23:21:02.0459 3604 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:21:02.0459 3604 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
23:21:02.0459 3604 \Device\Harddisk0\DR0:
23:21:02.0459 3604 MBR used
23:21:02.0459 3604 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x19576DE2
23:21:02.0537 3604 Initialize success
23:21:02.0537 3604 ============================================================
23:21:05.0984 1608 ============================================================
23:21:05.0984 1608 Scan started
23:21:05.0984 1608 Mode: Manual;
23:21:05.0984 1608 ============================================================
23:21:06.0920 1608 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
23:21:06.0936 1608 !SASCORE - ok
23:21:07.0138 1608 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
23:21:07.0152 1608 1394ohci - ok
23:21:07.0199 1608 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
23:21:07.0209 1608 ACPI - ok
23:21:07.0245 1608 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
23:21:07.0246 1608 AcpiPmi - ok
23:21:07.0528 1608 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:21:07.0544 1608 AdobeARMservice - ok
23:21:07.0623 1608 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
23:21:07.0662 1608 adp94xx - ok
23:21:07.0724 1608 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
23:21:07.0747 1608 adpahci - ok
23:21:07.0791 1608 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
23:21:07.0797 1608 adpu320 - ok
23:21:07.0826 1608 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
23:21:07.0832 1608 AeLookupSvc - ok
23:21:07.0931 1608 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
23:21:07.0945 1608 AFD - ok
23:21:07.0984 1608 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
23:21:07.0984 1608 agp440 - ok
23:21:08.0031 1608 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
23:21:08.0031 1608 aic78xx - ok
23:21:08.0078 1608 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
23:21:08.0093 1608 ALG - ok
23:21:08.0125 1608 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
23:21:08.0125 1608 aliide - ok
23:21:08.0234 1608 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
23:21:08.0249 1608 amdagp - ok
23:21:08.0343 1608 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
23:21:08.0343 1608 amdide - ok
23:21:08.0390 1608 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
23:21:08.0390 1608 AmdK8 - ok
23:21:08.0421 1608 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
23:21:08.0421 1608 AmdPPM - ok
23:21:08.0483 1608 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
23:21:08.0499 1608 amdsata - ok
23:21:08.0561 1608 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
23:21:08.0561 1608 amdsbs - ok
23:21:08.0608 1608 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
23:21:08.0608 1608 amdxata - ok
23:21:08.0702 1608 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
23:21:08.0702 1608 AppID - ok
23:21:08.0764 1608 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
23:21:08.0780 1608 AppIDSvc - ok
23:21:08.0842 1608 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
23:21:08.0842 1608 Appinfo - ok
23:21:08.0858 1608 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
23:21:08.0858 1608 AppMgmt - ok
23:21:08.0920 1608 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
23:21:08.0936 1608 arc - ok
23:21:08.0998 1608 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
23:21:08.0998 1608 arcsas - ok
23:21:09.0123 1608 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:21:09.0232 1608 aspnet_state - ok
23:21:09.0279 1608 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:21:09.0295 1608 AsyncMac - ok
23:21:09.0357 1608 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
23:21:09.0357 1608 atapi - ok
23:21:09.0513 1608 Ati External Event Utility (86acb6a60c50e99eb8e68710d5a12654) C:\Windows\system32\Ati2evxx.exe
23:21:09.0638 1608 Ati External Event Utility - ok
23:21:10.0745 1608 atikmdag (7db96c2801a78513bdc133c25d07929e) C:\Windows\system32\DRIVERS\atikmdag.sys
23:21:10.0964 1608 atikmdag - ok
23:21:11.0057 1608 atksgt (547f07839f71a4357a5e503646cac2b0) C:\Windows\system32\DRIVERS\atksgt.sys
23:21:11.0089 1608 atksgt - ok
23:21:11.0167 1608 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:21:11.0182 1608 AudioEndpointBuilder - ok
23:21:11.0198 1608 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:21:11.0198 1608 Audiosrv - ok
23:21:11.0291 1608 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
23:21:11.0291 1608 AxInstSV - ok
23:21:11.0447 1608 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
23:21:11.0463 1608 b06bdrv - ok
23:21:11.0666 1608 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:21:11.0681 1608 b57nd60x - ok
23:21:11.0931 1608 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
23:21:11.0931 1608 BDESVC - ok
23:21:11.0993 1608 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:21:12.0009 1608 Beep - ok
23:21:12.0040 1608 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
23:21:12.0056 1608 BFE - ok
23:21:12.0087 1608 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
23:21:12.0103 1608 BITS - ok
23:21:12.0134 1608 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:21:12.0134 1608 blbdrive - ok
23:21:12.0165 1608 BlueletAudio - ok
23:21:12.0165 1608 BlueletSCOAudio - ok
23:21:12.0212 1608 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
23:21:12.0227 1608 bowser - ok
23:21:12.0243 1608 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:21:12.0243 1608 BrFiltLo - ok
23:21:12.0259 1608 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:21:12.0259 1608 BrFiltUp - ok
23:21:12.0290 1608 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
23:21:12.0305 1608 BridgeMP - ok
23:21:12.0352 1608 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
23:21:12.0352 1608 Browser - ok
23:21:12.0399 1608 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:21:12.0415 1608 Brserid - ok
23:21:12.0415 1608 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:21:12.0430 1608 BrSerWdm - ok
23:21:12.0430 1608 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:21:12.0430 1608 BrUsbMdm - ok
23:21:12.0446 1608 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:21:12.0446 1608 BrUsbSer - ok
23:21:12.0461 1608 BT - ok
23:21:12.0493 1608 Btcsrusb - ok
23:21:12.0539 1608 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
23:21:12.0571 1608 BthEnum - ok
23:21:12.0586 1608 BTHidEnum - ok
23:21:12.0602 1608 BTHidMgr - ok
23:21:12.0633 1608 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
23:21:12.0664 1608 BTHMODEM - ok
23:21:12.0711 1608 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
23:21:12.0742 1608 BthPan - ok
23:21:12.0773 1608 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
23:21:12.0820 1608 BTHPORT - ok
23:21:12.0867 1608 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
23:21:12.0867 1608 bthserv - ok
23:21:12.0945 1608 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
23:21:12.0976 1608 BTHUSB - ok
23:21:13.0039 1608 catchme - ok
23:21:13.0085 1608 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:21:13.0085 1608 cdfs - ok
23:21:13.0117 1608 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
23:21:13.0132 1608 cdrom - ok
23:21:13.0179 1608 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:21:13.0179 1608 CertPropSvc - ok
23:21:13.0241 1608 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
23:21:13.0241 1608 circlass - ok
23:21:13.0273 1608 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:21:13.0288 1608 CLFS - ok
23:21:13.0319 1608 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:21:13.0366 1608 clr_optimization_v2.0.50727_32 - ok
23:21:13.0397 1608 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:21:13.0507 1608 clr_optimization_v4.0.30319_32 - ok
23:21:13.0538 1608 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
23:21:13.0538 1608 CmBatt - ok
23:21:13.0569 1608 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
23:21:13.0585 1608 cmdide - ok
23:21:13.0631 1608 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
23:21:13.0647 1608 CNG - ok
23:21:13.0663 1608 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
23:21:13.0678 1608 Compbatt - ok
23:21:13.0694 1608 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
23:21:13.0694 1608 CompositeBus - ok
23:21:13.0709 1608 COMSysApp - ok
23:21:13.0741 1608 cpuz135 - ok
23:21:13.0756 1608 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
23:21:13.0756 1608 crcdisk - ok
23:21:13.0787 1608 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
23:21:13.0803 1608 CryptSvc - ok
23:21:13.0834 1608 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
23:21:13.0850 1608 CSC - ok
23:21:13.0881 1608 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
23:21:13.0897 1608 CscService - ok
23:21:13.0975 1608 CX23880 (c87a51614ff893a19962dd8efa1d920b) C:\Windows\system32\drivers\cx88vid.sys
23:21:13.0975 1608 CX23880 - ok
23:21:13.0990 1608 CXAVSAUD (8d0ccebaf0a108f9867cef13107eaf0c) C:\Windows\system32\DRIVERS\pvavsaud.sys
23:21:13.0990 1608 CXAVSAUD - ok
23:21:14.0021 1608 CyberLink PowerDVD 11.0 Monitor Service - ok
23:21:14.0053 1608 CyberLink PowerDVD 11.0 Service - ok
23:21:14.0084 1608 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:21:14.0099 1608 DcomLaunch - ok
23:21:14.0193 1608 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
23:21:14.0193 1608 defragsvc - ok
23:21:14.0240 1608 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
23:21:14.0240 1608 DfsC - ok
23:21:14.0302 1608 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
23:21:14.0302 1608 Dhcp - ok
23:21:14.0318 1608 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:21:14.0333 1608 discache - ok
23:21:14.0349 1608 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
23:21:14.0349 1608 Disk - ok
23:21:14.0427 1608 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
23:21:14.0427 1608 Dnscache - ok
23:21:14.0489 1608 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
23:21:14.0489 1608 dot3svc - ok
23:21:14.0536 1608 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
23:21:14.0536 1608 Dot4 - ok
23:21:14.0567 1608 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
23:21:14.0567 1608 Dot4Print - ok
23:21:14.0583 1608 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
23:21:14.0583 1608 dot4usb - ok
23:21:14.0614 1608 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
23:21:14.0614 1608 DPS - ok
23:21:14.0645 1608 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:21:14.0645 1608 drmkaud - ok
23:21:14.0692 1608 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
23:21:14.0692 1608 DXGKrnl - ok
23:21:14.0786 1608 EagleNT - ok
23:21:14.0848 1608 EagleXNt - ok
23:21:14.0895 1608 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
23:21:14.0895 1608 EapHost - ok
23:21:14.0989 1608 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
23:21:15.0067 1608 ebdrv - ok
23:21:15.0082 1608 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
23:21:15.0098 1608 EFS - ok
23:21:15.0176 1608 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
23:21:15.0254 1608 ehRecvr - ok
23:21:15.0285 1608 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
23:21:15.0316 1608 ehSched - ok
23:21:15.0347 1608 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
23:21:15.0363 1608 elxstor - ok
23:21:15.0379 1608 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
23:21:15.0394 1608 ErrDev - ok
23:21:15.0425 1608 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
23:21:15.0425 1608 EventSystem - ok
23:21:15.0441 1608 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:21:15.0441 1608 exfat - ok
23:21:15.0472 1608 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:21:15.0472 1608 fastfat - ok
23:21:15.0535 1608 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
23:21:15.0550 1608 Fax - ok
23:21:15.0581 1608 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:21:15.0581 1608 fdc - ok
23:21:15.0597 1608 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
23:21:15.0597 1608 fdPHost - ok
23:21:15.0628 1608 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
23:21:15.0628 1608 FDResPub - ok
23:21:15.0659 1608 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:21:15.0659 1608 FileInfo - ok
23:21:15.0706 1608 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:21:15.0706 1608 Filetrace - ok
23:21:15.0737 1608 FileZilla Server - ok
23:21:15.0753 1608 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:21:15.0753 1608 flpydisk - ok
23:21:15.0784 1608 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:21:15.0784 1608 FltMgr - ok
23:21:15.0847 1608 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
23:21:15.0878 1608 FontCache - ok
23:21:15.0956 1608 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:21:15.0971 1608 FontCache3.0.0.0 - ok
23:21:15.0987 1608 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:21:15.0987 1608 FsDepends - ok
23:21:16.0003 1608 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
23:21:16.0003 1608 Fs_Rec - ok
23:21:16.0018 1608 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
23:21:16.0018 1608 fvevol - ok
23:21:16.0034 1608 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:21:16.0034 1608 gagp30kx - ok
23:21:16.0096 1608 GeniusMouseService (1fc39e7ba16cb0463347265cdc6c10c2) C:\Genius\ioCentre\GMouseService.exe
23:21:16.0127 1608 GeniusMouseService - ok
23:21:16.0174 1608 gHidPnp (d4692d4cbbde6a622a47f63d2ccc26c5) C:\Windows\system32\Drivers\gHidPnp.Sys
23:21:16.0190 1608 gHidPnp - ok
23:21:16.0221 1608 gMouUsb16 (471ef34c2e279535a442a4eb83cbbba5) C:\Windows\system32\DRIVERS\gMouUsb16.sys
23:21:16.0221 1608 gMouUsb16 - ok
23:21:16.0377 1608 gogoc (45625bab2f5fd9b97f85c0f8bcab215c) C:\Program Files\gogo6\gogoCLIENT\gogoc.exe
23:21:16.0549 1608 gogoc - ok
23:21:16.0627 1608 gogoTunnelDevice (551c836a722e5386f0209ac42d5ecc5a) C:\Windows\system32\DRIVERS\gogotun.sys
23:21:16.0658 1608 gogoTunnelDevice - ok
23:21:16.0720 1608 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
23:21:16.0736 1608 gpsvc - ok
23:21:16.0751 1608 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
23:21:16.0767 1608 hamachi - ok
23:21:16.0783 1608 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:21:16.0783 1608 hcw85cir - ok
23:21:16.0814 1608 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
23:21:16.0829 1608 HdAudAddService - ok
23:21:16.0861 1608 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
23:21:16.0876 1608 HDAudBus - ok
23:21:16.0907 1608 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:21:16.0907 1608 HidBatt - ok
23:21:16.0954 1608 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:21:16.0985 1608 HidBth - ok
23:21:17.0017 1608 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:21:17.0017 1608 HidIr - ok
23:21:17.0048 1608 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
23:21:17.0048 1608 hidserv - ok
23:21:17.0063 1608 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
23:21:17.0095 1608 HidUsb - ok
23:21:17.0110 1608 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
23:21:17.0126 1608 hkmsvc - ok
23:21:17.0141 1608 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
23:21:17.0157 1608 HomeGroupListener - ok
23:21:17.0188 1608 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
23:21:17.0188 1608 HomeGroupProvider - ok
23:21:17.0235 1608 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:21:17.0360 1608 hpqcxs08 - ok
23:21:17.0422 1608 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:21:17.0531 1608 hpqddsvc - ok
23:21:17.0594 1608 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
23:21:17.0594 1608 HpSAMD - ok
23:21:17.0625 1608 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:21:17.0750 1608 HPSLPSVC - ok
23:21:17.0781 1608 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
23:21:17.0797 1608 HTTP - ok
23:21:17.0812 1608 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
23:21:17.0828 1608 hwpolicy - ok
23:21:17.0843 1608 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
23:21:17.0843 1608 i8042prt - ok
23:21:17.0875 1608 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
23:21:17.0875 1608 iaStorV - ok
23:21:17.0953 1608 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:21:17.0968 1608 idsvc - ok
23:21:17.0999 1608 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:21:17.0999 1608 iirsp - ok
23:21:18.0031 1608 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
23:21:18.0046 1608 IKEEXT - ok
23:21:18.0155 1608 IntcAzAudAddService (39be782f9660545a491bf42320232aea) C:\Windows\system32\drivers\RTKVHDA.sys
23:21:18.0187 1608 IntcAzAudAddService - ok
23:21:18.0202 1608 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
23:21:18.0202 1608 intelide - ok
23:21:18.0218 1608 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:21:18.0218 1608 intelppm - ok
23:21:18.0311 1608 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
23:21:18.0311 1608 IPBusEnum - ok
23:21:18.0327 1608 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:21:18.0327 1608 IpFilterDriver - ok
23:21:18.0358 1608 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
23:21:18.0374 1608 iphlpsvc - ok
23:21:18.0452 1608 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
23:21:18.0452 1608 IPMIDRV - ok
23:21:18.0514 1608 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:21:18.0514 1608 IPNAT - ok
23:21:18.0545 1608 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:21:18.0545 1608 IRENUM - ok
23:21:18.0561 1608 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
23:21:18.0577 1608 isapnp - ok
23:21:18.0608 1608 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
23:21:18.0608 1608 iScsiPrt - ok
23:21:18.0623 1608 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
23:21:18.0623 1608 kbdclass - ok
23:21:18.0655 1608 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
23:21:18.0670 1608 kbdhid - ok
23:21:18.0701 1608 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:21:18.0701 1608 KeyIso - ok
23:21:18.0717 1608 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
23:21:18.0733 1608 KSecDD - ok
23:21:18.0733 1608 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
23:21:18.0748 1608 KSecPkg - ok
23:21:18.0779 1608 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
23:21:18.0795 1608 KtmRm - ok
23:21:18.0842 1608 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
23:21:18.0857 1608 LanmanServer - ok
23:21:18.0889 1608 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
23:21:18.0889 1608 LanmanWorkstation - ok
23:21:18.0967 1608 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
23:21:18.0967 1608 lirsgt - ok
23:21:18.0998 1608 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:21:18.0998 1608 lltdio - ok
23:21:19.0029 1608 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
23:21:19.0029 1608 lltdsvc - ok
23:21:19.0045 1608 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
23:21:19.0045 1608 lmhosts - ok
23:21:19.0060 1608 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:21:19.0060 1608 LSI_FC - ok
23:21:19.0091 1608 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:21:19.0091 1608 LSI_SAS - ok
23:21:19.0091 1608 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:21:19.0107 1608 LSI_SAS2 - ok
23:21:19.0123 1608 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:21:19.0123 1608 LSI_SCSI - ok
23:21:19.0138 1608 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:21:19.0138 1608 luafv - ok
23:21:19.0169 1608 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
23:21:19.0169 1608 Mcx2Svc - ok
23:21:19.0263 1608 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
23:21:19.0481 1608 MDM - ok
23:21:19.0497 1608 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:21:19.0497 1608 megasas - ok
23:21:19.0513 1608 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:21:19.0513 1608 MegaSR - ok
23:21:19.0544 1608 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:21:19.0544 1608 MMCSS - ok
23:21:19.0544 1608 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:21:19.0559 1608 Modem - ok
23:21:19.0575 1608 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:21:19.0575 1608 monitor - ok
23:21:19.0591 1608 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:21:19.0591 1608 mouclass - ok
23:21:19.0637 1608 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:21:19.0653 1608 mouhid - ok
23:21:19.0669 1608 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
23:21:19.0669 1608 mountmgr - ok
23:21:19.0731 1608 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
23:21:19.0731 1608 MpFilter - ok
23:21:19.0762 1608 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
23:21:19.0762 1608 mpio - ok
23:21:19.0840 1608 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
23:21:19.0856 1608 MpNWMon - ok
23:21:19.0903 1608 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:21:19.0903 1608 mpsdrv - ok
23:21:19.0949 1608 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:21:19.0965 1608 MpsSvc - ok
23:21:19.0996 1608 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:21:20.0012 1608 MRxDAV - ok
23:21:20.0043 1608 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:21:20.0043 1608 mrxsmb - ok
23:21:20.0090 1608 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:21:20.0090 1608 mrxsmb10 - ok
23:21:20.0105 1608 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:21:20.0105 1608 mrxsmb20 - ok
23:21:20.0137 1608 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:21:20.0137 1608 msahci - ok
23:21:20.0183 1608 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:21:20.0183 1608 msdsm - ok
23:21:20.0261 1608 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:21:20.0261 1608 MSDTC - ok
23:21:20.0339 1608 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:21:20.0339 1608 Msfs - ok
23:21:20.0355 1608 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:21:20.0355 1608 mshidkmdf - ok
23:21:20.0371 1608 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:21:20.0371 1608 msisadrv - ok
23:21:20.0402 1608 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:21:20.0417 1608 MSiSCSI - ok
23:21:20.0417 1608 msiserver - ok
23:21:20.0433 1608 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:21:20.0433 1608 MSKSSRV - ok
23:21:20.0527 1608 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
23:21:20.0527 1608 MsMpSvc - ok
23:21:20.0542 1608 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:21:20.0542 1608 MSPCLOCK - ok
23:21:20.0558 1608 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:21:20.0558 1608 MSPQM - ok
23:21:20.0589 1608 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:21:20.0589 1608 MsRPC - ok
23:21:20.0605 1608 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
23:21:20.0620 1608 mssmbios - ok
23:21:20.0636 1608 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:21:20.0636 1608 MSTEE - ok
23:21:20.0651 1608 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:21:20.0651 1608 MTConfig - ok
23:21:20.0683 1608 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:21:20.0683 1608 Mup - ok
23:21:20.0729 1608 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:21:20.0745 1608 napagent - ok
23:21:20.0776 1608 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:21:20.0776 1608 NativeWifiP - ok
23:21:20.0823 1608 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:21:20.0823 1608 NDIS - ok
23:21:20.0901 1608 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:21:20.0917 1608 NdisCap - ok
23:21:20.0948 1608 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:21:20.0948 1608 NdisTapi - ok
23:21:20.0979 1608 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:21:20.0979 1608 Ndisuio - ok
23:21:21.0010 1608 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:21:21.0010 1608 NdisWan - ok
23:21:21.0041 1608 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:21:21.0041 1608 NDProxy - ok
23:21:21.0088 1608 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll
23:21:21.0104 1608 Net Driver HPZ12 - ok
23:21:21.0151 1608 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:21:21.0151 1608 NetBIOS - ok
23:21:21.0197 1608 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:21:21.0197 1608 NetBT - ok
23:21:21.0229 1608 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:21:21.0229 1608 Netlogon - ok
23:21:21.0275 1608 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:21:21.0291 1608 Netman - ok
23:21:21.0353 1608 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:21:21.0369 1608 NetMsmqActivator - ok
23:21:21.0385 1608 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:21:21.0385 1608 NetPipeActivator - ok
23:21:21.0416 1608 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:21:21.0431 1608 netprofm - ok
23:21:21.0447 1608 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:21:21.0447 1608 NetTcpActivator - ok
23:21:21.0463 1608 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:21:21.0463 1608 NetTcpPortSharing - ok
23:21:21.0478 1608 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:21:21.0494 1608 nfrd960 - ok
23:21:21.0587 1608 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:21:21.0587 1608 NisDrv - ok
23:21:21.0665 1608 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
23:21:21.0681 1608 NisSrv - ok
23:21:21.0712 1608 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:21:21.0728 1608 NlaSvc - ok
23:21:21.0759 1608 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:21:21.0759 1608 Npfs - ok
23:21:21.0806 1608 npggsvc - ok
23:21:21.0837 1608 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:21:21.0837 1608 nsi - ok
23:21:21.0853 1608 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:21:21.0868 1608 nsiproxy - ok
23:21:21.0931 1608 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
23:21:21.0977 1608 Ntfs - ok
23:21:22.0009 1608 ntk_PowerDVD - ok
23:21:22.0040 1608 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:21:22.0040 1608 Null - ok
23:21:22.0087 1608 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
23:21:22.0087 1608 nvraid - ok
23:21:22.0118 1608 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
23:21:22.0118 1608 nvstor - ok
23:21:22.0149 1608 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:21:22.0149 1608 nv_agp - ok
23:21:22.0258 1608 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:21:22.0274 1608 odserv - ok
23:21:22.0367 1608 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:21:22.0367 1608 ohci1394 - ok
23:21:22.0430 1608 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:21:22.0430 1608 ose - ok
23:21:22.0508 1608 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:21:22.0523 1608 p2pimsvc - ok
23:21:22.0586 1608 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:21:22.0601 1608 p2psvc - ok
23:21:22.0617 1608 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:21:22.0617 1608 Parport - ok
23:21:22.0648 1608 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
23:21:22.0648 1608 partmgr - ok
23:21:22.0664 1608 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:21:22.0664 1608 Parvdm - ok
23:21:22.0679 1608 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:21:22.0695 1608 PcaSvc - ok
23:21:22.0711 1608 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:21:22.0711 1608 pci - ok
23:21:22.0742 1608 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:21:22.0742 1608 pciide - ok
23:21:22.0773 1608 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:21:22.0773 1608 pcmcia - ok
23:21:22.0789 1608 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:21:22.0789 1608 pcw - ok
23:21:22.0820 1608 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:21:22.0835 1608 PEAUTH - ok
23:21:22.0867 1608 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
23:21:22.0913 1608 PeerDistSvc - ok
23:21:22.0991 1608 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:21:23.0023 1608 pla - ok
23:21:23.0069 1608 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:21:23.0085 1608 PlugPlay - ok
23:21:23.0116 1608 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll
23:21:23.0116 1608 Pml Driver HPZ12 - ok
23:21:23.0163 1608 PnkBstrA (831883b107684301f48ace752c963984) C:\Windows\system32\PnkBstrA.exe
23:21:23.0163 1608 PnkBstrA - ok
23:21:23.0194 1608 PnkBstrB (e24106a5eaecddff00b25497049dd65f) C:\Windows\system32\PnkBstrB.exe
23:21:23.0194 1608 PnkBstrB - ok
23:21:23.0225 1608 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:21:23.0225 1608 PNRPAutoReg - ok
23:21:23.0241 1608 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:21:23.0241 1608 PNRPsvc - ok
23:21:23.0288 1608 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:21:23.0288 1608 PolicyAgent - ok
23:21:23.0319 1608 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:21:23.0319 1608 Power - ok
23:21:23.0366 1608 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:21:23.0381 1608 PptpMiniport - ok
23:21:23.0397 1608 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:21:23.0397 1608 Processor - ok
23:21:23.0428 1608 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
23:21:23.0444 1608 ProfSvc - ok
23:21:23.0475 1608 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:21:23.0475 1608 ProtectedStorage - ok
23:21:23.0506 1608 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:21:23.0506 1608 Psched - ok
23:21:23.0553 1608 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:21:23.0600 1608 ql2300 - ok
23:21:23.0615 1608 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:21:23.0615 1608 ql40xx - ok
23:21:23.0647 1608 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:21:23.0647 1608 QWAVE - ok
23:21:23.0662 1608 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:21:23.0662 1608 QWAVEdrv - ok
23:21:23.0678 1608 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:21:23.0678 1608 RasAcd - ok
23:21:23.0709 1608 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:21:23.0709 1608 RasAgileVpn - ok
23:21:23.0787 1608 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:21:23.0787 1608 RasAuto - ok
23:21:23.0818 1608 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:21:23.0818 1608 Rasl2tp - ok
23:21:23.0849 1608 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:21:23.0865 1608 RasMan - ok
23:21:23.0881 1608 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:21:23.0896 1608 RasPppoe - ok
23:21:23.0912 1608 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:21:23.0912 1608 RasSstp - ok
23:21:23.0927 1608 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:21:23.0927 1608 rdbss - ok
23:21:23.0943 1608 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:21:23.0943 1608 rdpbus - ok
23:21:23.0974 1608 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:21:23.0974 1608 RDPCDD - ok
23:21:24.0005 1608 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
23:21:24.0021 1608 RDPDR - ok
23:21:24.0021 1608 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:21:24.0037 1608 RDPENCDD - ok
23:21:24.0052 1608 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:21:24.0052 1608 RDPREFMP - ok
23:21:24.0083 1608 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
23:21:24.0083 1608 RdpVideoMiniport - ok
23:21:24.0115 1608 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
23:21:24.0130 1608 RDPWD - ok
23:21:24.0161 1608 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:21:24.0161 1608 rdyboost - ok
23:21:24.0224 1608 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:21:24.0224 1608 RemoteAccess - ok
23:21:24.0271 1608 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:21:24.0271 1608 RemoteRegistry - ok
23:21:24.0349 1608 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
23:21:24.0364 1608 RFCOMM - ok
23:21:24.0411 1608 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
23:21:24.0411 1608 ROOTMODEM - ok
23:21:24.0427 1608 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:21:24.0427 1608 RpcEptMapper - ok
23:21:24.0458 1608 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:21:24.0473 1608 RpcLocator - ok
23:21:24.0505 1608 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:21:24.0505 1608 RpcSs - ok
23:21:24.0520 1608 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:21:24.0520 1608 rspndr - ok
23:21:24.0551 1608 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:21:24.0551 1608 RTL8167 - ok
23:21:24.0598 1608 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
23:21:24.0598 1608 s3cap - ok
23:21:24.0614 1608 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:21:24.0614 1608 SamSs - ok
23:21:24.0676 1608 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:21:24.0676 1608 SASDIFSV - ok
23:21:24.0692 1608 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:21:24.0692 1608 SASKUTIL - ok
23:21:24.0739 1608 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:21:24.0739 1608 sbp2port - ok
23:21:24.0770 1608 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:21:24.0785 1608 SCardSvr - ok
23:21:24.0801 1608 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:21:24.0801 1608 scfilter - ok
23:21:24.0863 1608 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:21:24.0879 1608 Schedule - ok
23:21:24.0910 1608 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:21:24.0910 1608 SCPolicySvc - ok
23:21:24.0941 1608 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:21:24.0957 1608 SDRSVC - ok
23:21:24.0973 1608 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:21:24.0973 1608 secdrv - ok
23:21:25.0004 1608 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:21:25.0004 1608 seclogon - ok
23:21:25.0019 1608 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
23:21:25.0035 1608 SENS - ok
23:21:25.0051 1608 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:21:25.0051 1608 SensrSvc - ok
23:21:25.0113 1608 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:21:25.0113 1608 Serenum - ok
23:21:25.0129 1608 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:21:25.0129 1608 Serial - ok
23:21:25.0160 1608 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:21:25.0160 1608 sermouse - ok
23:21:25.0222 1608 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:21:25.0238 1608 SessionEnv - ok
23:21:25.0253 1608 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:21:25.0253 1608 sffdisk - ok
23:21:25.0269 1608 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:21:25.0269 1608 sffp_mmc - ok
23:21:25.0285 1608 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:21:25.0285 1608 sffp_sd - ok
23:21:25.0331 1608 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:21:25.0331 1608 sfloppy - ok
23:21:25.0394 1608 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:21:25.0409 1608 SharedAccess - ok
23:21:25.0472 1608 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:21:25.0487 1608 ShellHWDetection - ok
23:21:25.0503 1608 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:21:25.0503 1608 sisagp - ok
23:21:25.0519 1608 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:21:25.0534 1608 SiSRaid2 - ok
23:21:25.0550 1608 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:21:25.0550 1608 SiSRaid4 - ok
23:21:25.0581 1608 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
23:21:25.0597 1608 SkypeUpdate - ok
23:21:25.0597 1608 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:21:25.0612 1608 Smb - ok
23:21:25.0643 1608 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:21:25.0643 1608 SNMPTRAP - ok
23:21:25.0721 1608 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
23:21:25.0721 1608 Sony PC Companion - ok
23:21:25.0737 1608 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:21:25.0753 1608 spldr - ok
23:21:25.0799 1608 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:21:25.0815 1608 Spooler - ok
23:21:25.0940 1608 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:21:26.0018 1608 sppsvc - ok
23:21:26.0080 1608 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:21:26.0080 1608 sppuinotify - ok
23:21:26.0158 1608 sptd (ab5c8f6e63674dbad9c1e449e8fd77ce) C:\Windows\System32\Drivers\sptd.sys
23:21:26.0174 1608 sptd - ok
23:21:26.0205 1608 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:21:26.0205 1608 srv - ok
23:21:26.0236 1608 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:21:26.0252 1608 srv2 - ok
23:21:26.0267 1608 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:21:26.0267 1608 srvnet - ok
23:21:26.0299 1608 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:21:26.0299 1608 SSDPSRV - ok
23:21:26.0314 1608 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:21:26.0330 1608 SstpSvc - ok
23:21:26.0423 1608 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:21:26.0533 1608 StarWindServiceAE - ok
23:21:26.0564 1608 Steam Client Service - ok
23:21:26.0642 1608 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:21:26.0642 1608 stexstor - ok
23:21:26.0704 1608 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:21:26.0720 1608 StiSvc - ok
23:21:26.0735 1608 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
23:21:26.0751 1608 storflt - ok
23:21:26.0767 1608 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
23:21:26.0767 1608 storvsc - ok
23:21:26.0798 1608 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:21:26.0798 1608 swenum - ok
23:21:26.0813 1608 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:21:26.0845 1608 swprv - ok
23:21:26.0876 1608 Synth3dVsc - ok
23:21:26.0938 1608 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:21:26.0985 1608 SysMain - ok
23:21:27.0016 1608 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:21:27.0016 1608 TabletInputService - ok
23:21:27.0063 1608 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:21:27.0079 1608 TapiSrv - ok
23:21:27.0110 1608 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:21:27.0110 1608 TBS - ok
23:21:27.0172 1608 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
23:21:27.0219 1608 Tcpip - ok
23:21:27.0266 1608 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
23:21:27.0266 1608 TCPIP6 - ok
23:21:27.0297 1608 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:21:27.0297 1608 tcpipreg - ok
23:21:27.0344 1608 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:21:27.0344 1608 TDPIPE - ok
23:21:27.0391 1608 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:21:27.0391 1608 TDTCP - ok
23:21:27.0422 1608 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:21:27.0437 1608 tdx - ok
23:21:27.0593 1608 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
23:21:27.0687 1608 TeamViewer7 - ok
23:21:27.0718 1608 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:21:27.0718 1608 TermDD - ok
23:21:27.0749 1608 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:21:27.0781 1608 TermService - ok
23:21:27.0796 1608 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:21:27.0796 1608 Themes - ok
23:21:27.0843 1608 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:21:27.0843 1608 THREADORDER - ok
23:21:27.0859 1608 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:21:27.0874 1608 TrkWks - ok
23:21:27.0952 1608 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:21:27.0952 1608 TrustedInstaller - ok
23:21:27.0983 1608 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:21:27.0983 1608 tssecsrv - ok
23:21:28.0015 1608 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:21:28.0015 1608 TsUsbFlt - ok
23:21:28.0030 1608 tsusbhub - ok
23:21:28.0139 1608 TuneUp.UtilitiesSvc (b2e856800c25e5e3d8ebc8237a7ca586) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
23:21:28.0186 1608 TuneUp.UtilitiesSvc - ok
23:21:28.0217 1608 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
23:21:28.0217 1608 TuneUpUtilitiesDrv - ok
23:21:28.0249 1608 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:21:28.0249 1608 tunnel - ok
23:21:28.0280 1608 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:21:28.0280 1608 uagp35 - ok
23:21:28.0342 1608 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:21:28.0342 1608 udfs - ok
23:21:28.0373 1608 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:21:28.0389 1608 UI0Detect - ok
23:21:28.0420 1608 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:21:28.0982 1608 UleadBurningHelper - ok
23:21:29.0013 1608 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:21:29.0013 1608 uliagpkx - ok
23:21:29.0044 1608 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
23:21:29.0044 1608 umbus - ok
23:21:29.0091 1608 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:21:29.0091 1608 UmPass - ok
23:21:29.0153 1608 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
23:21:29.0169 1608 UmRdpService - ok
23:21:29.0200 1608 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:21:29.0216 1608 upnphost - ok
23:21:29.0278 1608 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
23:21:29.0278 1608 usbccgp - ok
23:21:29.0325 1608 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:21:29.0325 1608 usbcir - ok
23:21:29.0356 1608 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
23:21:29.0356 1608 usbehci - ok
23:21:29.0372 1608 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
23:21:29.0387 1608 usbhub - ok
23:21:29.0419 1608 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
23:21:29.0419 1608 usbohci - ok
23:21:29.0434 1608 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:21:29.0434 1608 usbprint - ok
23:21:29.0481 1608 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:21:29.0481 1608 usbscan - ok
23:21:29.0528 1608 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:21:29.0528 1608 USBSTOR - ok
23:21:29.0559 1608 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
23:21:29.0559 1608 usbuhci - ok
23:21:29.0575 1608 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
23:21:29.0590 1608 UxSms - ok
23:21:29.0621 1608 UxTuneUp (85b1dd38ff85441d0154416d72a84719) C:\Windows\System32\uxtuneup.dll
23:21:29.0621 1608 UxTuneUp - ok
23:21:29.0699 1608 V0260VID (c90055bd2bb41443462ea715e0876b8d) C:\Windows\system32\DRIVERS\V0260Vid.sys
23:21:29.0699 1608 V0260VID - ok
23:21:29.0762 1608 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:21:29.0762 1608 VaultSvc - ok
23:21:29.0777 1608 VComm - ok
23:21:29.0809 1608 VcommMgr - ok
23:21:29.0840 1608 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
23:21:29.0840 1608 vdrvroot - ok
23:21:29.0902 1608 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
23:21:29.0918 1608 vds - ok
23:21:29.0949 1608 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:21:29.0949 1608 vga - ok
23:21:29.0980 1608 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:21:29.0980 1608 VgaSave - ok
23:21:29.0996 1608 VGPU - ok
23:21:30.0058 1608 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
23:21:30.0058 1608 vhdmp - ok
23:21:30.0074 1608 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
23:21:30.0089 1608 viaagp - ok
23:21:30.0105 1608 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:21:30.0105 1608 ViaC7 - ok
23:21:30.0121 1608 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
23:21:30.0121 1608 viaide - ok
23:21:30.0152 1608 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
23:21:30.0152 1608 vmbus - ok
23:21:30.0199 1608 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
23:21:30.0199 1608 VMBusHID - ok
23:21:30.0230 1608 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
23:21:30.0230 1608 volmgr - ok
23:21:30.0261 1608 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:21:30.0261 1608 volmgrx - ok
23:21:30.0277 1608 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
23:21:30.0292 1608 volsnap - ok
23:21:30.0308 1608 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:21:30.0308 1608 vsmraid - ok
23:21:30.0386 1608 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
23:21:30.0433 1608 VSS - ok
23:21:30.0448 1608 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:21:30.0448 1608 vwifibus - ok
23:21:30.0495 1608 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
23:21:30.0511 1608 W32Time - ok
23:21:30.0542 1608 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:21:30.0542 1608 WacomPen - ok
23:21:30.0573 1608 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:21:30.0573 1608 WANARP - ok
23:21:30.0589 1608 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:21:30.0589 1608 Wanarpv6 - ok
23:21:30.0651 1608 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
23:21:30.0682 1608 wbengine - ok
23:21:30.0745 1608 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
23:21:30.0745 1608 WbioSrvc - ok
23:21:30.0776 1608 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
23:21:30.0791 1608 wcncsvc - ok
23:21:30.0807 1608 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
23:21:30.0823 1608 WcsPlugInService - ok
23:21:30.0854 1608 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:21:30.0854 1608 Wd - ok
23:21:30.0885 1608 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:21:30.0885 1608 Wdf01000 - ok
23:21:30.0901 1608 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:21:30.0901 1608 WdiServiceHost - ok
23:21:30.0916 1608 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:21:30.0916 1608 WdiSystemHost - ok
23:21:30.0963 1608 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
23:21:30.0979 1608 WebClient - ok
23:21:31.0010 1608 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
23:21:31.0010 1608 Wecsvc - ok
23:21:31.0041 1608 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
23:21:31.0041 1608 wercplsupport - ok
23:21:31.0072 1608 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
23:21:31.0072 1608 WerSvc - ok
23:21:31.0103 1608 wfcxacap (5baeb499219b1ba2bb85e16fa9b744bf) C:\Windows\system32\DRIVERS\wfcxacap.sys
23:21:31.0119 1608 wfcxacap - ok
23:21:31.0150 1608 wfcxatun (adcad4139ccd349c99a54075c5978dd3) C:\Windows\system32\drivers\wfcxatun.sys
23:21:31.0213 1608 wfcxatun - ok
23:21:31.0228 1608 wfcxdtun (7d752f682e1f49d53fc0f98e9076f389) C:\Windows\system32\drivers\wfcxdtun.sys
23:21:31.0244 1608 wfcxdtun - ok
23:21:31.0291 1608 wfcxtcap (825fc0ab64982d4abec6eec947022545) C:\Windows\system32\drivers\wfcxtcap.sys
23:21:31.0337 1608 wfcxtcap - ok
23:21:31.0400 1608 WFCXVCAP (7bce7b6834deba0f095aa0a23ad6fe96) C:\Windows\system32\drivers\wfcxvcap.sys
23:21:31.0431 1608 WFCXVCAP - ok
23:21:31.0462 1608 wfcxxbar (639e830640b1796759896105929c8567) C:\Windows\system32\drivers\wfcxxbar.sys
23:21:31.0478 1608 wfcxxbar - ok
23:21:31.0540 1608 WFIOCTL (9bc98a4e3401d52ed860cf883ccb7478) C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS
23:21:31.0571 1608 WFIOCTL - ok
23:21:31.0618 1608 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:21:31.0618 1608 WfpLwf - ok
23:21:31.0649 1608 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:21:31.0649 1608 WIMMount - ok
23:21:31.0696 1608 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
23:21:31.0727 1608 WinDefend - ok
23:21:31.0743 1608 WinHttpAutoProxySvc - ok
23:21:31.0805 1608 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
23:21:31.0821 1608 Winmgmt - ok
23:21:31.0883 1608 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
23:21:31.0930 1608 WinRM - ok
23:21:32.0008 1608 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
23:21:32.0008 1608 WinUsb - ok
23:21:32.0071 1608 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
23:21:32.0102 1608 Wlansvc - ok
23:21:32.0258 1608 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:21:32.0305 1608 wlidsvc - ok
23:21:32.0367 1608 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
23:21:32.0367 1608 WmiAcpi - ok
23:21:32.0414 1608 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
23:21:32.0445 1608 wmiApSrv - ok
23:21:32.0492 1608 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:21:32.0523 1608 WMPNetworkSvc - ok
23:21:32.0570 1608 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
23:21:32.0570 1608 WPCSvc - ok
23:21:32.0632 1608 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
23:21:32.0632 1608 WPDBusEnum - ok
23:21:32.0663 1608 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:21:32.0663 1608 ws2ifsl - ok
23:21:32.0695 1608 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
23:21:32.0695 1608 wscsvc - ok
23:21:32.0710 1608 WSearch - ok
23:21:32.0835 1608 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
23:21:32.0944 1608 wuauserv - ok
23:21:32.0975 1608 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
23:21:32.0975 1608 WudfPf - ok
23:21:33.0022 1608 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:21:33.0022 1608 WUDFRd - ok
23:21:33.0069 1608 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
23:21:33.0069 1608 wudfsvc - ok
23:21:33.0100 1608 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
23:21:33.0116 1608 WwanSvc - ok
23:21:33.0163 1608 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
23:21:33.0209 1608 MBR (0x1B8) (3f59dd1897fd15ace05ba34b3be14fb8) \Device\Harddisk1\DR1
23:21:33.0303 1608 \Device\Harddisk1\DR1 - ok
23:21:33.0319 1608 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
23:21:33.0506 1608 \Device\Harddisk0\DR0 - ok
23:21:33.0506 1608 Boot (0x1200) (e44bcd1e0bc75088014ace111b95c097) \Device\Harddisk1\DR1\Partition0
23:21:33.0521 1608 \Device\Harddisk1\DR1\Partition0 - ok
23:21:33.0521 1608 Boot (0x1200) (2b82ec30e74ee07c7e3ceb8e32dcf5a9) \Device\Harddisk1\DR1\Partition1
23:21:33.0521 1608 \Device\Harddisk1\DR1\Partition1 - ok
23:21:33.0521 1608 Boot (0x1200) (9d287ef21046be86e3b30831c8a93a3c) \Device\Harddisk0\DR0\Partition0
23:21:33.0521 1608 \Device\Harddisk0\DR0\Partition0 - ok
23:21:33.0537 1608 ============================================================
23:21:33.0537 1608 Scan finished
23:21:33.0537 1608 ============================================================
23:21:33.0537 2344 Detected object count: 0
23:21:33.0537 2344 Actual detected object count: 0
23:21:53.0521 4056 Deinitialize success
ale TDSSKiller tvrdí, že je čistý. Mohl byste dáte poslední log ComboFix (po posledním skenu)?Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD2500KS-00MJB0 rev.02.01C03 -> Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-3
Kód: Vybrat vše
ComboFix 12-03-22.01 - RADKA 24.03.2012 22:57:31.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1352 [GMT 1:00]
Spuštěný z: d:\users\RADKA\Desktop\ComboFix.exe
Použité ovládací přepínače :: d:\users\RADKA\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA391
-------\Service_XDva391
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-24 do 2012-03-24 )))))))))))))))))))))))))))))))
.
.
2012-03-24 22:02 . 2012-03-24 22:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-24 21:26 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A8F0B72-9467-49C2-815C-6B3DD7F22B10}\mpengine.dll
2012-03-24 20:24 . 2012-03-24 22:04 -------- d-----w- c:\users\RADKA\AppData\Local\temp
2012-03-24 19:57 . 2012-03-24 19:57 -------- d-----w- c:\program files\trend micro
2012-03-24 14:35 . 2012-03-24 14:35 -------- d-----w- c:\program files\Common Files\Skype
2012-03-24 14:34 . 2012-03-24 14:35 -------- d-----r- c:\program files\Skype
2012-03-24 13:46 . 2012-03-24 13:46 -------- d-----w- c:\program files\Rockstar Games
2012-03-21 16:19 . 2012-03-24 15:09 -------- d-----w- c:\programdata\Bluetooth
2012-03-21 16:17 . 2012-03-21 16:17 -------- d-----w- c:\program files\IVT Corporation
2012-03-19 10:14 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-18 10:32 . 2012-03-24 13:40 -------- d-----w- c:\users\RADKA\AppData\Roaming\.minecraft
2012-03-17 19:34 . 2012-02-09 12:17 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59A5F76A-3AF3-4821-9A40-418E6CD14136}\gapaengine.dll
2012-03-17 19:27 . 2012-03-17 19:28 -------- d-----w- c:\program files\Microsoft Security Client
2012-03-16 13:25 . 2012-02-08 06:03 6552120 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A468FF7-AA86-47EF-ABDB-0D85FA8346FD}\mpengine.dll
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\AppData\Local\Sony
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\Podcasts
2012-03-15 16:31 . 2012-03-15 16:31 -------- d-----w- c:\program files\Common Files\Sony Shared
2012-03-15 16:30 . 2012-03-15 16:30 -------- d-----w- c:\users\RADKA\AppData\Local\Downloaded Installations
2012-03-15 16:30 . 2012-03-15 16:30 -------- d-----w- c:\programdata\Sony Corporation
2012-03-15 16:27 . 2012-03-15 16:28 -------- d-----w- c:\program files\Sony Media Go Install
2012-03-15 16:27 . 2012-03-15 16:31 -------- d-----w- c:\users\RADKA\AppData\Roaming\Sony
2012-03-15 16:24 . 2012-03-15 16:30 -------- d-----w- c:\program files\Sony
2012-03-15 16:24 . 2012-03-15 16:24 -------- d-----w- c:\programdata\Sony
2012-03-14 13:32 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 13:32 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 13:30 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 13:30 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 13:29 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:29 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:29 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 13:28 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 13:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 13:28 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 13:28 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-11 11:54 . 2012-03-11 11:54 -------- d-----w- c:\users\RADKA\AppData\Local\Ubisoft
2012-03-11 11:49 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-03-11 11:49 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-03-11 11:49 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-03-11 11:48 . 2012-03-11 11:48 -------- d-----w- c:\programdata\InstallShield
2012-03-11 11:40 . 2007-04-27 09:12 394184 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2012-03-11 11:40 . 2006-09-10 20:56 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2012-03-11 11:40 . 2006-09-10 20:56 992176 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2012-03-11 11:40 . 2006-09-10 20:56 283568 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2012-03-10 19:53 . 2012-03-10 19:53 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2012-03-10 19:43 . 2012-03-24 14:06 -------- d-----w- c:\program files\Ubisoft
2012-03-10 13:34 . 2012-03-10 17:55 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-03-10 13:34 . 2012-03-10 17:55 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-03-09 20:42 . 2012-03-09 21:47 -------- d-----w- c:\programdata\TrackMania
2012-03-06 13:29 . 2012-03-16 17:33 -------- d-----w- c:\users\RADKA\AppData\Roaming\Audacity
2012-03-06 13:29 . 2012-03-06 13:29 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2012-03-04 12:04 . 2012-03-17 07:41 -------- d-----w- c:\program files\Common Files\BioWare
2012-03-04 11:53 . 2012-03-05 13:56 -------- d-----w- c:\users\RADKA\AppData\Roaming\DAEMON Tools Lite
2012-03-04 11:53 . 2012-03-04 11:53 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-03-02 17:45 . 2012-03-02 17:45 -------- d-----w- c:\users\RADKA\AppData\Local\PAYDAY
2012-03-02 17:43 . 2012-03-02 17:43 -------- d-----w- c:\program files\NVIDIA Corporation
2012-02-25 21:05 . 2012-02-25 21:06 -------- d-----w- C:\Fraps
2012-02-25 20:41 . 2012-02-25 20:41 -------- d-----w- c:\windows\cs
2012-02-25 20:39 . 2012-02-25 20:39 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-02-25 20:37 . 2012-02-25 20:38 -------- d-----w- c:\program files\Windows Live
2012-02-25 20:23 . 2012-02-29 14:59 -------- d-----w- c:\users\RADKA\AppData\Local\Windows Live
2012-02-25 20:23 . 2012-02-25 20:23 -------- d-----w- c:\program files\Common Files\Windows Live
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 10:34 . 2011-05-08 21:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-10 19:54 . 2011-09-29 19:22 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-03-10 19:54 . 2011-09-29 19:22 22328 ----a-w- c:\users\RADKA\AppData\Roaming\PnkBstrK.sys
2012-03-10 19:53 . 2011-09-29 19:21 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-03-10 19:53 . 2011-09-29 19:21 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-03-04 11:55 . 2011-05-08 21:21 473656 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-02-25 20:36 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-17 18:39 . 2011-08-22 18:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-31 03:59 . 2011-05-08 17:58 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-19 13:38 . 2012-01-18 18:47 21840 ----atw- c:\windows\system32\SIntfNT.dll
2012-01-19 13:38 . 2012-01-18 18:47 17212 ----atw- c:\windows\system32\SIntf32.dll
2012-01-19 13:38 . 2012-01-18 18:47 12067 ----atw- c:\windows\system32\SIntf16.dll
2012-01-18 18:54 . 2012-01-18 18:53 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-01-04 08:58 . 2012-02-15 13:29 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27 . 2012-02-15 13:29 478720 ----a-w- c:\windows\system32\timedate.cpl
2011-08-12 03:15 . 2011-08-30 10:25 126976 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-01-27 441016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 10:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2011-01-18 18:47 10025576 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-10 21:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2006-12-04 10:01 372736 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
2006-12-06 14:57 69632 ----a-w- c:\program files\WinFast\WFDTV\DTVSchdl.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"nvidia"=c:\windows\rundll33.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 CXAVSAUD;Prolink 2388x Audio Capture;c:\windows\system32\DRIVERS\pvavsaud.sys [2005-10-25 11008]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/06 14:46];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 9446]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
R4 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R4 gogoc;gogo6 gogoCLIENT;c:\program files\gogo6\gogoCLIENT\gogoc.exe [2010-03-22 390472]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-03-28 4323256]
R4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R4 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\DRIVERS\wfcxacap.sys [2006-08-07 9856]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-04 1523008]
S2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [2006-08-07 31616]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [2006-08-07 167424]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb16;USB 16-bit Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb16.sys [2009-06-25 9216]
S3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter;c:\windows\system32\DRIVERS\gogotun.sys [2010-03-22 21064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [2006-08-07 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [2006-08-07 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [2006-08-07 10496]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001Core.job
- c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-08 20:33]
.
2012-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2113884054-3851899101-3007325117-1001UA.job
- c:\users\RADKA\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-08 20:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
IE: Download all by Rapidown... - c:\program files\Rapidown\RapidownGetAll.htm
IE: Download by Rapidown... - c:\program files\Rapidown\RapidownGet.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{57E91B47-F40A-11D1-B792-444553540011} - c:\program files\Rapidown\Rapidown.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.24.2 213.46.172.37
TCP: Interfaces\{F06D6CE6-E9F0-4CCA-B22F-B4D774463CBD}: NameServer = 192.168.24.2,213.46.172.37
FF - ProfilePath - c:\users\RADKA\AppData\Roaming\Mozilla\Firefox\Profiles\ykzjht4c.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - user.js: extentions.y2layers.installId - e4bb388c-1b80-48dc-a3f0-f0f5d87ed164
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-03-24 23:07:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-24 22:07
ComboFix2.txt 2012-03-24 20:24
.
Před spuštěním: Volných bajtů: 214 386 720 768
Po spuštění: Volných bajtů: 214 125 027 328
.
- - End Of File - - E325E225F3E6ADDEC32E8F320949744A