
Please check my log

Posted: 30 Aug 2012 18:53
by tomas5911
Hello, I would like to ask for a log check; some virus, Live Security Platinum, got into my PC. Thank you very much.

ComboFix 12-08-29.03 - Administrator 30.08.2012 19:30:36.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1575 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Sta×enÚ soubory\ComboFix.exe
AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Data aplikací\036E18D42B17D9790046B461E56C3425\036E18D42B17D9790046B461E56C3425.exe
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_xcpip
-------\Service_xpsec
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 16:35 . 2012-08-30 16:35 -------- d-----w- c:\documents and settings\LocalService\Plocha
2012-08-30 16:24 . 2012-06-22 09:39 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-08-30 16:08 . 2012-06-22 13:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-08-30 16:05 . 2012-08-30 16:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2012-08-30 16:05 . 2012-08-30 16:05 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TestApp
2012-08-30 12:43 . 2012-08-30 17:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\036E18D42B17D9790046B461E56C3425
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Babylon
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\program files\YourFileDownloader
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\YourFileDownloader
2012-08-30 12:27 . 2012-08-30 12:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-08-30 12:14 . 2012-08-30 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2012-08-30 12:09 . 2012-08-30 12:09 -------- d-----w- C:\totalcmd
2012-08-30 12:09 . 2012-08-30 12:09 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\GHISLER
2012-08-07 04:14 . 2012-08-07 04:14 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2012-08-07 04:14 . 2012-08-07 04:14 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-08-07 04:14 . 2012-08-07 04:14 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-08-07 04:14 . 2012-08-07 04:14 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-08-07 04:14 . 2012-08-07 04:14 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-08-07 04:14 . 2012-08-07 04:14 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-08-07 04:14 . 2012-08-07 04:14 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-22 08:43 . 2012-08-30 16:24 3488 ----a-w- c:\windows\UDB.zip
2012-06-22 08:43 . 2012-08-30 16:24 131 ----a-w- c:\windows\IDB.zip
2012-08-07 04:14 . 2011-07-27 18:39 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[7] 2004-08-18 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 21:59 . E98A07CEB60A085C580BC8B2DFFAE081 . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2011-04-12 32768]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-06-27 2879488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-26 8445952]
"nwiz"="nwiz.exe" [2007-04-26 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-26 81920]
"MSys32"="c:\program files\under water demo\target\morfitwebentrance.exe" [2000-08-01 139264]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-01-20 28160]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-07-19 135168]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-07-19 53248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2011-4-12 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-4-12 532480]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Hry\\quake3\\quake3.exe"=
"c:\\Hry\\Cs\\hl.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Hry\\WOW\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"=
"c:\\Hry\\generals\\Command & Conquer(tm) Generals Zero Hour\\generals.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\YourFileDownloader\\Downloader.exe"=
"c:\\Program Files\\YourFileDownloader\\YourFile.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [30.8.2012 18:08 383368]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [30.8.2012 18:08 342168]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [30.8.2012 18:08 203120]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 7:51 277736]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [30.8.2012 18:24 575448]
R3 scrusb2a;SmartCard-Reader USB 2A;c:\windows\system32\drivers\scrusb2a.sys [12.3.2000 16:27 52198]
S2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
S3 9cw8e.sys;9cw8e.sys;\??\c:\windows\system32\drivers\9cw8e.sys --> c:\windows\system32\drivers\9cw8e.sys [?]
S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [30.8.2012 18:24 70768]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [30.8.2012 18:23 402368]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - xcpip
*Deregistered* - xpsec
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-30 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-03-25 21:18]
.
2012-08-30 c:\windows\Tasks\YourFile Update.job
- c:\program files\YourFileDownloader\YourFileUpdater.exe [2012-08-30 12:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/?affID=112555&tt=3512_7&babsrc=HP_ss&mntrId=34c36bec000000000000003005c386ff
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lh1ie7f6.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-my-world - FunRun - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-30 19:40
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1008)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(4012)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide5.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-08-30 19:41:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-30 17:41
.
Před spuštěním: 1 170 640 896
Po spuštění: 9 863 282 688
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 17AD6A97A40B3F8F19693A292A1FB7F3

Re: Please check my log

Posted: 30 Aug 2012 19:00
by Rudy
Greetings!
Why are you using ComboFix without a helper's recommendation? Do you intend to crash or damage your system, which we would then have a hard time repairing here? You have a rootkit on your PC.

Download and run TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Let it work and, once it has finished, post its log here.

Re: Please check my log

Posted: 30 Aug 2012 19:50
by tomas5911
20:36:07.0296 0556 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:36:07.0593 0556 ============================================================
20:36:07.0593 0556 Current date / time: 2012/08/30 20:36:07.0593
20:36:07.0593 0556 SystemInfo:
20:36:07.0593 0556
20:36:07.0593 0556 OS Version: 5.1.2600 ServicePack: 2.0
20:36:07.0593 0556 Product type: Workstation
20:36:07.0593 0556 ComputerName: ELISKA
20:36:07.0593 0556 UserName: Administrator
20:36:07.0593 0556 Windows directory: C:\WINDOWS
20:36:07.0593 0556 System windows directory: C:\WINDOWS
20:36:07.0593 0556 Processor architecture: Intel x86
20:36:07.0593 0556 Number of processors: 2
20:36:07.0593 0556 Page size: 0x1000
20:36:07.0593 0556 Boot type: Normal boot
20:36:07.0593 0556 ============================================================
20:36:10.0484 0556 BG loaded
20:36:25.0250 0556 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:36:25.0375 0556 ============================================================
20:36:25.0375 0556 \Device\Harddisk0\DR0:
20:36:25.0375 0556 MBR partitions:
20:36:25.0375 0556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
20:36:25.0375 0556 ============================================================
20:36:25.0609 0556 C: <-> \Device\Harddisk0\DR0\Partition1
20:36:25.0625 0556 ============================================================
20:36:25.0625 0556 Initialize success
20:36:25.0625 0556 ============================================================
20:46:30.0968 3852 ============================================================
20:46:30.0968 3852 Scan started
20:46:30.0968 3852 Mode: Manual;
20:46:30.0968 3852 ============================================================
20:46:33.0953 3852 ================ Scan system memory ========================
20:46:33.0968 3852 System memory - ok
20:46:33.0968 3852 ================ Scan services =============================
20:46:34.0453 3852 9cw8e.sys - ok
20:46:34.0453 3852 Abiosdsk - ok
20:46:34.0468 3852 abp480n5 - ok
20:46:34.0593 3852 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys
20:46:34.0593 3852 acedrv11 - ok
20:46:34.0640 3852 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:46:34.0656 3852 ACPI - ok
20:46:34.0687 3852 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:46:34.0687 3852 ACPIEC - ok
20:46:34.0703 3852 adpu160m - ok
20:46:34.0765 3852 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:46:34.0781 3852 aec - ok
20:46:34.0859 3852 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:46:34.0859 3852 AFD - ok
20:46:34.0875 3852 Aha154x - ok
20:46:34.0875 3852 aic78u2 - ok
20:46:34.0875 3852 aic78xx - ok
20:46:34.0937 3852 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:46:34.0937 3852 Alerter - ok
20:46:34.0984 3852 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
20:46:34.0984 3852 ALG - ok
20:46:34.0984 3852 AliIde - ok
20:46:34.0984 3852 amsint - ok
20:46:35.0031 3852 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:46:35.0062 3852 AppMgmt - ok
20:46:35.0062 3852 asc - ok
20:46:35.0078 3852 asc3350p - ok
20:46:35.0078 3852 asc3550 - ok
20:46:35.0250 3852 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:46:35.0296 3852 aspnet_state - ok
20:46:35.0343 3852 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:46:35.0343 3852 AsyncMac - ok
20:46:35.0359 3852 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:46:35.0359 3852 atapi - ok
20:46:35.0375 3852 Atdisk - ok
20:46:35.0375 3852 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:46:35.0375 3852 Atmarpc - ok
20:46:35.0421 3852 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:46:35.0421 3852 AudioSrv - ok
20:46:35.0468 3852 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:46:35.0468 3852 audstub - ok
20:46:35.0500 3852 [ 241474D01380E9ED41D4C07F4F5FD401 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:46:35.0500 3852 b57w2k - ok
20:46:35.0562 3852 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:46:35.0562 3852 Beep - ok
20:46:35.0625 3852 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
20:46:35.0625 3852 BITS - ok
20:46:35.0671 3852 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
20:46:35.0671 3852 Browser - ok
20:46:36.0359 3852 [ 7EFFCCD7B6EA4D3428F5B3ACE8DE8F5A ] Browser Defender Update Service C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
20:46:36.0359 3852 Browser Defender Update Service - ok
20:46:36.0359 3852 catchme - ok
20:46:36.0390 3852 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:46:36.0390 3852 cbidf2k - ok
20:46:36.0390 3852 cd20xrnt - ok
20:46:36.0453 3852 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:46:36.0453 3852 Cdaudio - ok
20:46:36.0515 3852 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:46:36.0515 3852 Cdfs - ok
20:46:36.0578 3852 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:46:36.0578 3852 Cdrom - ok
20:46:36.0578 3852 Changer - ok
20:46:36.0625 3852 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:46:36.0625 3852 CiSvc - ok
20:46:36.0656 3852 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:46:36.0671 3852 ClipSrv - ok
20:46:36.0750 3852 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:36.0828 3852 clr_optimization_v2.0.50727_32 - ok
20:46:36.0828 3852 CmdIde - ok
20:46:36.0843 3852 COMSysApp - ok
20:46:36.0843 3852 Cpqarray - ok
20:46:36.0859 3852 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:46:36.0859 3852 CryptSvc - ok
20:46:36.0875 3852 dac2w2k - ok
20:46:36.0875 3852 dac960nt - ok
20:46:36.0968 3852 [ 2B269C916766BDB43404F043B763427D ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:46:36.0968 3852 DcomLaunch - ok
20:46:36.0984 3852 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:46:36.0984 3852 Dhcp - ok
20:46:37.0031 3852 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:46:37.0062 3852 Disk - ok
20:46:37.0062 3852 dmadmin - ok
20:46:37.0171 3852 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:46:37.0218 3852 dmboot - ok
20:46:37.0265 3852 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:46:37.0328 3852 dmio - ok
20:46:37.0343 3852 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:46:37.0343 3852 dmload - ok
20:46:37.0359 3852 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:46:37.0359 3852 dmserver - ok
20:46:37.0406 3852 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:46:37.0406 3852 DMusic - ok
20:46:37.0453 3852 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:46:37.0453 3852 Dnscache - ok
20:46:37.0453 3852 dpti2o - ok
20:46:37.0515 3852 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:46:37.0515 3852 drmkaud - ok
20:46:37.0562 3852 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:46:37.0562 3852 ERSvc - ok
20:46:37.0625 3852 [ 4F9F7B567970B524F31D9970A23F7C24 ] Eventlog C:\WINDOWS\system32\services.exe
20:46:37.0625 3852 Eventlog - ok
20:46:37.0703 3852 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
20:46:37.0703 3852 EventSystem - ok
20:46:37.0734 3852 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:46:37.0734 3852 Fastfat - ok
20:46:37.0828 3852 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:46:37.0828 3852 FastUserSwitchingCompatibility - ok
20:46:37.0875 3852 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:46:37.0875 3852 Fdc - ok
20:46:37.0921 3852 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:46:37.0921 3852 Fips - ok
20:46:37.0968 3852 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:46:37.0968 3852 Flpydisk - ok
20:46:38.0015 3852 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:46:38.0015 3852 FltMgr - ok
20:46:38.0140 3852 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:46:38.0203 3852 FontCache3.0.0.0 - ok
20:46:38.0218 3852 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:46:38.0218 3852 Fs_Rec - ok
20:46:38.0437 3852 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:46:38.0453 3852 Ftdisk - ok
20:46:38.0468 3852 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:46:38.0468 3852 Gpc - ok
20:46:38.0531 3852 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:46:38.0531 3852 HdAudAddService - ok
20:46:38.0546 3852 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:46:38.0546 3852 HDAudBus - ok
20:46:38.0625 3852 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:46:38.0625 3852 helpsvc - ok
20:46:38.0687 3852 [ D2DCF769E5A70027058AD5BE1F9B55BF ] HidServ C:\WINDOWS\System32\hidserv.dll
20:46:38.0687 3852 HidServ - ok
20:46:38.0765 3852 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:46:38.0765 3852 HidUsb - ok
20:46:38.0765 3852 hpn - ok
20:46:38.0937 3852 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:46:38.0937 3852 HTTP - ok
20:46:39.0000 3852 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:46:39.0015 3852 HTTPFilter - ok
20:46:39.0031 3852 i2omgmt - ok
20:46:39.0031 3852 i2omp - ok
20:46:39.0093 3852 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:46:39.0093 3852 i8042prt - ok
20:46:39.0421 3852 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:46:39.0468 3852 idsvc - ok
20:46:39.0531 3852 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:46:39.0531 3852 Imapi - ok
20:46:39.0656 3852 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:46:39.0687 3852 ImapiService - ok
20:46:39.0687 3852 ini910u - ok
20:46:40.0187 3852 [ 909D03B3B7FB7C830B74F74F4D0EA7CE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:46:40.0203 3852 IntcAzAudAddService - ok
20:46:40.0218 3852 IntelIde - ok
20:46:40.0281 3852 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:46:40.0281 3852 intelppm - ok
20:46:40.0312 3852 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:46:40.0328 3852 Ip6Fw - ok
20:46:40.0359 3852 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:46:40.0359 3852 IpFilterDriver - ok
20:46:40.0406 3852 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:46:40.0421 3852 IpInIp - ok
20:46:40.0453 3852 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:46:40.0453 3852 IpNat - ok
20:46:40.0531 3852 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:46:40.0531 3852 IPSec - ok
20:46:40.0593 3852 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:46:40.0609 3852 IRENUM - ok
20:46:40.0656 3852 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:46:40.0656 3852 isapnp - ok
20:46:40.0703 3852 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:46:40.0703 3852 Kbdclass - ok
20:46:40.0828 3852 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:46:40.0843 3852 kmixer - ok
20:46:40.0859 3852 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:46:40.0875 3852 KSecDD - ok
20:46:40.0906 3852 [ D6586C7DEABDBD1390286B442EA4C58D ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
20:46:40.0921 3852 L8042Kbd - ok
20:46:40.0968 3852 [ 37FCB1ABA2D8CD90C35BA1D7D9C73D7C ] L8042mou C:\WINDOWS\system32\Drivers\L8042mou.sys
20:46:40.0968 3852 L8042mou - ok
20:46:41.0046 3852 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:46:41.0046 3852 lanmanserver - ok
20:46:41.0125 3852 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:46:41.0140 3852 lanmanworkstation - ok
20:46:41.0140 3852 lbrtfdc - ok
20:46:41.0171 3852 [ 87E9742C445B88DE00D2421F1B1F06EA ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
20:46:41.0171 3852 LHidKe - ok
20:46:41.0171 3852 LicCtrlService - ok
20:46:41.0234 3852 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:46:41.0234 3852 LmHosts - ok
20:46:41.0281 3852 [ 749FDF0FD33071CBF0658CC2B94D4DF5 ] LMouKE C:\WINDOWS\system32\Drivers\LMouKE.sys
20:46:41.0296 3852 LMouKE - ok
20:46:41.0406 3852 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
20:46:41.0421 3852 McciCMService - ok
20:46:41.0468 3852 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:46:41.0484 3852 Messenger - ok
20:46:41.0515 3852 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:46:41.0515 3852 mnmdd - ok
20:46:41.0578 3852 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:46:41.0578 3852 mnmsrvc - ok
20:46:41.0609 3852 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:46:41.0625 3852 Modem - ok
20:46:41.0656 3852 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:46:41.0656 3852 Mouclass - ok
20:46:41.0687 3852 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:46:41.0687 3852 mouhid - ok
20:46:41.0765 3852 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:46:41.0781 3852 MountMgr - ok
20:46:41.0796 3852 mraid35x - ok
20:46:41.0812 3852 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
20:46:41.0828 3852 MREMP50 - ok
20:46:41.0843 3852 MREMP50a64 - ok
20:46:41.0843 3852 MREMPR5 - ok
20:46:41.0859 3852 MRENDIS5 - ok
20:46:41.0890 3852 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
20:46:41.0906 3852 MRESP50 - ok
20:46:41.0906 3852 MRESP50a64 - ok
20:46:41.0953 3852 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:46:41.0953 3852 MRxDAV - ok
20:46:42.0156 3852 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:46:42.0156 3852 MRxSmb - ok
20:46:42.0218 3852 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:46:42.0234 3852 MSDTC - ok
20:46:42.0281 3852 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:46:42.0281 3852 Msfs - ok
20:46:42.0281 3852 MSIServer - ok
20:46:42.0390 3852 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:46:42.0406 3852 MSKSSRV - ok
20:46:42.0453 3852 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:46:42.0484 3852 MSPCLOCK - ok
20:46:42.0515 3852 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:46:42.0515 3852 MSPQM - ok
20:46:42.0578 3852 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:46:42.0578 3852 mssmbios - ok
20:46:42.0609 3852 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:46:42.0640 3852 Mup - ok
20:46:42.0703 3852 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:46:42.0703 3852 NDIS - ok
20:46:42.0750 3852 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:46:42.0750 3852 NdisTapi - ok
20:46:42.0812 3852 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:46:42.0828 3852 Ndisuio - ok
20:46:42.0890 3852 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:46:42.0890 3852 NdisWan - ok
20:46:42.0890 3852 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:46:42.0890 3852 NDProxy - ok
20:46:42.0953 3852 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:46:42.0953 3852 NetBIOS - ok
20:46:43.0015 3852 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:46:43.0015 3852 NetBT - ok
20:46:43.0046 3852 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:46:43.0062 3852 NetDDE - ok
20:46:43.0062 3852 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:46:43.0062 3852 NetDDEdsdm - ok
20:46:43.0109 3852 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:46:43.0109 3852 Netlogon - ok
20:46:43.0187 3852 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
20:46:43.0203 3852 Netman - ok
20:46:43.0281 3852 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:46:43.0281 3852 NetTcpPortSharing - ok
20:46:43.0437 3852 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
20:46:43.0437 3852 Nla - ok
20:46:43.0453 3852 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:46:43.0453 3852 Npfs - ok
20:46:43.0656 3852 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:46:43.0687 3852 Ntfs - ok
20:46:43.0718 3852 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:46:43.0718 3852 NtLmSsp - ok
20:46:43.0875 3852 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:46:43.0921 3852 NtmsSvc - ok
20:46:43.0937 3852 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:46:43.0937 3852 Null - ok
20:46:44.0656 3852 [ 33AE09E9027F5F22E80A6C80715B79DF ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:46:44.0703 3852 nv - ok
20:46:44.0812 3852 [ DE6F8D1079FC0E9912AB60308B110026 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
20:46:44.0812 3852 NVSvc - ok
20:46:44.0859 3852 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:46:44.0875 3852 NwlnkFlt - ok
20:46:44.0890 3852 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:46:44.0890 3852 NwlnkFwd - ok
20:46:44.0937 3852 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:46:44.0937 3852 Parport - ok
20:46:44.0937 3852 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:46:44.0953 3852 PartMgr - ok
20:46:45.0000 3852 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:46:45.0015 3852 ParVdm - ok
20:46:45.0046 3852 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:46:45.0046 3852 PCI - ok
20:46:45.0046 3852 PCIDump - ok
20:46:45.0062 3852 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:46:45.0062 3852 PCIIde - ok
20:46:45.0140 3852 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:46:45.0187 3852 Pcmcia - ok
20:46:45.0250 3852 [ 7BC8027D56FAB153A987C56AE9835664 ] PCnet C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
20:46:45.0250 3852 PCnet - ok
20:46:45.0296 3852 [ 6C9E2F69D99C025FD5CAB2228E495FA1 ] PCTBD C:\WINDOWS\system32\Drivers\PCTBD.sys
20:46:45.0296 3852 PCTBD - ok
20:46:45.0328 3852 [ F7DA28F2AB6CD32B2F76EE96EDAD8F20 ] PCTCore C:\WINDOWS\system32\drivers\PCTCore.sys
20:46:45.0343 3852 PCTCore - ok
20:46:45.0390 3852 [ 3C9FD593E95B98C642B4486CD122C2FB ] pctDS C:\WINDOWS\system32\drivers\pctDS.sys
20:46:45.0390 3852 pctDS - ok
20:46:45.0437 3852 [ 5E11C0C1BEE956DE9EAAC7ED086D8DB9 ] PCTSD C:\WINDOWS\system32\Drivers\PCTSD.sys
20:46:45.0437 3852 PCTSD - ok
20:46:45.0437 3852 PDCOMP - ok
20:46:45.0453 3852 PDFRAME - ok
20:46:45.0453 3852 PDRELI - ok
20:46:45.0453 3852 PDRFRAME - ok
20:46:45.0468 3852 perc2 - ok
20:46:45.0468 3852 perc2hib - ok
20:46:45.0500 3852 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
20:46:45.0515 3852 PlugPlay - ok
20:46:45.0562 3852 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:46:45.0562 3852 PolicyAgent - ok
20:46:45.0609 3852 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:46:45.0609 3852 PptpMiniport - ok
20:46:45.0625 3852 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:46:45.0625 3852 ProtectedStorage - ok
20:46:45.0640 3852 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:46:45.0640 3852 PSched - ok
20:46:45.0656 3852 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:46:45.0656 3852 Ptilink - ok
20:46:45.0703 3852 [ DB3B30C3A4CDCF07E164C14584D9D0F2 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:46:45.0703 3852 PxHelp20 - ok
20:46:45.0718 3852 ql1080 - ok
20:46:45.0718 3852 Ql10wnt - ok
20:46:45.0734 3852 ql12160 - ok
20:46:45.0734 3852 ql1240 - ok
20:46:45.0750 3852 ql1280 - ok
20:46:45.0750 3852 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:46:45.0750 3852 RasAcd - ok
20:46:45.0796 3852 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:46:45.0796 3852 RasAuto - ok
20:46:45.0828 3852 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:46:45.0828 3852 Rasl2tp - ok
20:46:45.0859 3852 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:46:45.0875 3852 RasMan - ok
20:46:45.0906 3852 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:46:45.0906 3852 RasPppoe - ok
20:46:45.0906 3852 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:46:45.0906 3852 Raspti - ok
20:46:46.0125 3852 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:46:46.0125 3852 Rdbss - ok
20:46:46.0187 3852 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:46:46.0187 3852 RDPCDD - ok
20:46:46.0265 3852 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:46:46.0265 3852 rdpdr - ok
20:46:46.0421 3852 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:46:46.0421 3852 RDPWD - ok
20:46:46.0515 3852 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:46:46.0562 3852 RDSessMgr - ok
20:46:46.0625 3852 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:46:46.0625 3852 redbook - ok
20:46:46.0656 3852 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:46:46.0656 3852 RemoteAccess - ok
20:46:46.0718 3852 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:46:46.0718 3852 RemoteRegistry - ok
20:46:46.0781 3852 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:46:46.0828 3852 RpcLocator - ok
20:46:46.0890 3852 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:46:46.0906 3852 RpcSs - ok
20:46:46.0968 3852 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:46:46.0968 3852 RSVP - ok
20:46:47.0000 3852 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
20:46:47.0000 3852 SamSs - ok
20:46:47.0125 3852 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:46:47.0125 3852 SCardSvr - ok
20:46:47.0203 3852 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:46:47.0203 3852 Schedule - ok
20:46:47.0265 3852 [ 7D8A8FA40D78C7BE34C92290900DC730 ] scrusb2a C:\WINDOWS\system32\DRIVERS\scrusb2a.sys
20:46:47.0265 3852 scrusb2a - ok
20:46:47.0453 3852 [ CFEB26A26452D5337C2F3AADD8218FC3 ] sdAuxService C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
20:46:47.0515 3852 sdAuxService - ok
20:46:47.0671 3852 [ B906C04F469060F2DD7FCB84706B4493 ] sdCoreService C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
20:46:47.0781 3852 sdCoreService - ok
20:46:47.0843 3852 [ 890CADA2AB7ACF53A5F9CCE7515522A2 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:46:47.0843 3852 Secdrv - ok
20:46:47.0906 3852 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:46:47.0906 3852 seclogon - ok
20:46:47.0921 3852 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
20:46:47.0921 3852 SENS - ok
20:46:47.0968 3852 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:46:47.0968 3852 serenum - ok
20:46:48.0046 3852 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:46:48.0046 3852 Serial - ok
20:46:48.0109 3852 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:46:48.0125 3852 Sfloppy - ok
20:46:48.0187 3852 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:46:48.0187 3852 SharedAccess - ok
20:46:48.0218 3852 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:46:48.0218 3852 ShellHWDetection - ok
20:46:48.0218 3852 Simbad - ok
20:46:48.0234 3852 Sparrow - ok
20:46:48.0250 3852 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:46:48.0250 3852 splitter - ok
20:46:48.0312 3852 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:46:48.0312 3852 Spooler - ok
20:46:48.0375 3852 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:46:48.0421 3852 sr - ok
20:46:48.0468 3852 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
20:46:48.0484 3852 srservice - ok
20:46:48.0609 3852 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:46:48.0609 3852 Srv - ok
20:46:48.0687 3852 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:46:48.0687 3852 SSDPSRV - ok
20:46:48.0828 3852 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:46:48.0859 3852 stisvc - ok
20:46:48.0890 3852 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:46:48.0890 3852 swenum - ok
20:46:48.0906 3852 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:46:48.0906 3852 swmidi - ok
20:46:48.0921 3852 SwPrv - ok
20:46:48.0921 3852 symc810 - ok
20:46:48.0937 3852 symc8xx - ok
20:46:48.0937 3852 sym_hi - ok
20:46:48.0953 3852 sym_u3 - ok
20:46:49.0015 3852 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:46:49.0015 3852 sysaudio - ok
20:46:49.0046 3852 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:46:49.0062 3852 SysmonLog - ok
20:46:49.0093 3852 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:46:49.0109 3852 TapiSrv - ok
20:46:49.0156 3852 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:46:49.0171 3852 Tcpip - ok
20:46:49.0187 3852 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:46:49.0218 3852 TDPIPE - ok
20:46:49.0265 3852 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:46:49.0265 3852 TDTCP - ok
20:46:49.0296 3852 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:46:49.0296 3852 TermDD - ok
20:46:49.0437 3852 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
20:46:49.0437 3852 TermService - ok
20:46:49.0484 3852 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:46:49.0484 3852 Themes - ok
20:46:49.0515 3852 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:46:49.0546 3852 TlntSvr - ok
20:46:49.0546 3852 TosIde - ok
20:46:49.0578 3852 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:46:49.0578 3852 TrkWks - ok
20:46:49.0625 3852 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:46:49.0625 3852 Udfs - ok
20:46:49.0625 3852 ultra - ok
20:46:49.0671 3852 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
20:46:49.0671 3852 UMWdf - ok
20:46:49.0718 3852 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:46:49.0718 3852 Update - ok
20:46:49.0765 3852 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:46:49.0765 3852 upnphost - ok
20:46:49.0796 3852 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
20:46:49.0796 3852 UPS - ok
20:46:49.0875 3852 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:46:49.0906 3852 usbccgp - ok
20:46:49.0953 3852 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:46:49.0953 3852 usbehci - ok
20:46:49.0984 3852 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:46:49.0984 3852 usbhub - ok
20:46:50.0046 3852 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:46:50.0062 3852 USBSTOR - ok
20:46:50.0078 3852 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:46:50.0078 3852 usbuhci - ok
20:46:50.0093 3852 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:46:50.0093 3852 VgaSave - ok
20:46:50.0109 3852 ViaIde - ok
20:46:50.0109 3852 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:46:50.0109 3852 VolSnap - ok
20:46:50.0140 3852 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
20:46:50.0171 3852 VSS - ok
20:46:50.0281 3852 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
20:46:50.0281 3852 W32Time - ok
20:46:50.0343 3852 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:46:50.0343 3852 Wanarp - ok
20:46:50.0343 3852 WDICA - ok
20:46:50.0390 3852 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:46:50.0390 3852 wdmaud - ok
20:46:50.0421 3852 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
20:46:50.0421 3852 WebClient - ok
20:46:50.0671 3852 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:46:50.0671 3852 winmgmt - ok
20:46:50.0750 3852 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:46:50.0750 3852 WmdmPmSN - ok
20:46:50.0796 3852 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
20:46:50.0796 3852 Wmi - ok
20:46:50.0843 3852 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:46:50.0843 3852 WmiApSrv - ok
20:46:50.0875 3852 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:46:50.0875 3852 WS2IFSL - ok
20:46:50.0953 3852 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:46:50.0968 3852 wscsvc - ok
20:46:51.0031 3852 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:46:51.0046 3852 wuauserv - ok
20:46:51.0218 3852 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:46:51.0218 3852 WZCSVC - ok
20:46:51.0218 3852 xcpip - ok
20:46:51.0265 3852 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:46:51.0281 3852 xmlprov - ok
20:46:51.0296 3852 xpsec - ok
20:46:51.0296 3852 ================ Scan global ===============================
20:46:51.0343 3852 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
20:46:51.0500 3852 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
20:46:51.0531 3852 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
20:46:51.0562 3852 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
20:46:51.0562 3852 [Global] - ok
20:46:51.0562 3852 ================ Scan MBR ==================================
20:46:51.0593 3852 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:46:52.0312 3852 \Device\Harddisk0\DR0 - ok
20:46:52.0312 3852 ================ Scan VBR ==================================
20:46:52.0343 3852 [ 9FAEC45D709AA255B78095EB0845B1A4 ] \Device\Harddisk0\DR0\Partition1
20:46:52.0343 3852 \Device\Harddisk0\DR0\Partition1 - ok
20:46:52.0343 3852 ============================================================
20:46:52.0343 3852 Scan finished
20:46:52.0343 3852 ============================================================
20:46:52.0359 3844 Detected object count: 0
20:46:52.0359 3844 Actual detected object count: 0
20:47:09.0562 3992 ============================================================
20:47:09.0562 3992 Scan started
20:47:09.0562 3992 Mode: Manual;
20:47:09.0562 3992 ============================================================
20:47:10.0421 3992 ================ Scan system memory ========================
20:47:10.0421 3992 System memory - ok
20:47:10.0421 3992 ================ Scan services =============================
20:47:14.0109 3992 9cw8e.sys - ok
20:47:14.0109 3992 Abiosdsk - ok
20:47:14.0125 3992 abp480n5 - ok
20:47:14.0281 3992 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys
20:47:14.0281 3992 acedrv11 - ok
20:47:14.0484 3992 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:47:14.0484 3992 ACPI - ok
20:47:14.0671 3992 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:47:14.0671 3992 ACPIEC - ok
20:47:14.0671 3992 adpu160m - ok
20:47:14.0828 3992 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:47:14.0828 3992 aec - ok
20:47:14.0906 3992 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:47:14.0906 3992 AFD - ok
20:47:14.0906 3992 Aha154x - ok
20:47:14.0921 3992 aic78u2 - ok
20:47:14.0921 3992 aic78xx - ok
20:47:14.0953 3992 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:47:14.0953 3992 Alerter - ok
20:47:14.0984 3992 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
20:47:14.0984 3992 ALG - ok
20:47:14.0984 3992 AliIde - ok
20:47:15.0000 3992 amsint - ok
20:47:15.0078 3992 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:47:15.0078 3992 AppMgmt - ok
20:47:15.0078 3992 asc - ok
20:47:15.0093 3992 asc3350p - ok
20:47:15.0093 3992 asc3550 - ok
20:47:15.0296 3992 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:47:15.0390 3992 aspnet_state - ok
20:47:15.0515 3992 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:47:15.0515 3992 AsyncMac - ok
20:47:15.0718 3992 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:47:15.0718 3992 atapi - ok
20:47:15.0718 3992 Atdisk - ok
20:47:15.0812 3992 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:47:15.0812 3992 Atmarpc - ok
20:47:15.0953 3992 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:47:15.0968 3992 AudioSrv - ok
20:47:16.0031 3992 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:47:16.0031 3992 audstub - ok
20:47:16.0218 3992 [ 241474D01380E9ED41D4C07F4F5FD401 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:47:16.0218 3992 b57w2k - ok
20:47:16.0406 3992 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:47:16.0406 3992 Beep - ok
20:47:16.0687 3992 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
20:47:16.0687 3992 BITS - ok
20:47:16.0750 3992 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
20:47:16.0750 3992 Browser - ok
20:47:16.0984 3992 [ 7EFFCCD7B6EA4D3428F5B3ACE8DE8F5A ] Browser Defender Update Service C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
20:47:16.0984 3992 Browser Defender Update Service - ok
20:47:16.0984 3992 catchme - ok
20:47:17.0015 3992 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:47:17.0031 3992 cbidf2k - ok
20:47:17.0031 3992 cd20xrnt - ok
20:47:17.0078 3992 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:47:17.0078 3992 Cdaudio - ok
20:47:17.0140 3992 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:47:17.0140 3992 Cdfs - ok
20:47:17.0187 3992 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:47:17.0187 3992 Cdrom - ok
20:47:17.0203 3992 Changer - ok
20:47:17.0234 3992 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:47:17.0234 3992 CiSvc - ok
20:47:17.0250 3992 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:47:17.0250 3992 ClipSrv - ok
20:47:17.0296 3992 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:47:17.0296 3992 clr_optimization_v2.0.50727_32 - ok
20:47:17.0312 3992 CmdIde - ok
20:47:17.0312 3992 COMSysApp - ok
20:47:17.0328 3992 Cpqarray - ok
20:47:17.0375 3992 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:47:17.0375 3992 CryptSvc - ok
20:47:17.0390 3992 dac2w2k - ok
20:47:17.0390 3992 dac960nt - ok
20:47:17.0453 3992 [ 2B269C916766BDB43404F043B763427D ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:47:17.0453 3992 DcomLaunch - ok
20:47:17.0531 3992 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:47:17.0531 3992 Dhcp - ok
20:47:17.0546 3992 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:47:17.0546 3992 Disk - ok
20:47:17.0546 3992 dmadmin - ok
20:47:17.0609 3992 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:47:17.0625 3992 dmboot - ok
20:47:17.0625 3992 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:47:17.0625 3992 dmio - ok
20:47:17.0640 3992 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:47:17.0640 3992 dmload - ok
20:47:17.0640 3992 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:47:17.0640 3992 dmserver - ok
20:47:17.0703 3992 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:47:17.0703 3992 DMusic - ok
20:47:17.0703 3992 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:47:17.0703 3992 Dnscache - ok
20:47:17.0718 3992 dpti2o - ok
20:47:17.0796 3992 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:47:18.0656 3992 drmkaud - ok
20:47:18.0703 3992 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:47:18.0734 3992 ERSvc - ok
20:47:18.0890 3992 [ 4F9F7B567970B524F31D9970A23F7C24 ] Eventlog C:\WINDOWS\system32\services.exe
20:47:18.0890 3992 Eventlog - ok
20:47:19.0062 3992 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
20:47:19.0062 3992 EventSystem - ok
20:47:19.0187 3992 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:47:19.0187 3992 Fastfat - ok
20:47:19.0296 3992 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:47:19.0296 3992 FastUserSwitchingCompatibility - ok
20:47:19.0312 3992 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:47:19.0312 3992 Fdc - ok
20:47:19.0328 3992 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:47:19.0328 3992 Fips - ok
20:47:19.0390 3992 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:47:19.0390 3992 Flpydisk - ok
20:47:19.0468 3992 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:47:19.0468 3992 FltMgr - ok
20:47:19.0593 3992 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:47:19.0593 3992 FontCache3.0.0.0 - ok
20:47:19.0593 3992 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:47:19.0593 3992 Fs_Rec - ok
20:47:19.0640 3992 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:47:19.0640 3992 Ftdisk - ok
20:47:19.0703 3992 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:47:19.0703 3992 Gpc - ok
20:47:19.0812 3992 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:47:19.0812 3992 HdAudAddService - ok
20:47:19.0953 3992 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:47:19.0953 3992 HDAudBus - ok
20:47:20.0109 3992 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:47:20.0109 3992 helpsvc - ok
20:47:20.0187 3992 [ D2DCF769E5A70027058AD5BE1F9B55BF ] HidServ C:\WINDOWS\System32\hidserv.dll
20:47:20.0187 3992 HidServ - ok
20:47:20.0296 3992 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:47:20.0328 3992 HidUsb - ok
20:47:20.0328 3992 hpn - ok
20:47:20.0437 3992 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:47:20.0437 3992 HTTP - ok
20:47:20.0484 3992 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:47:20.0484 3992 HTTPFilter - ok
20:47:20.0484 3992 i2omgmt - ok
20:47:20.0484 3992 i2omp - ok
20:47:20.0562 3992 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:47:20.0562 3992 i8042prt - ok
20:47:20.0875 3992 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:47:20.0875 3992 idsvc - ok
20:47:20.0937 3992 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:47:20.0937 3992 Imapi - ok
20:47:21.0031 3992 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:47:21.0031 3992 ImapiService - ok
20:47:21.0031 3992 ini910u - ok
20:47:30.0828 3992 [ 909D03B3B7FB7C830B74F74F4D0EA7CE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:47:30.0859 3992 IntcAzAudAddService - ok
20:47:30.0859 3992 IntelIde - ok
20:47:31.0015 3992 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:47:31.0015 3992 intelppm - ok
20:47:31.0062 3992 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:47:31.0062 3992 Ip6Fw - ok
20:47:31.0796 3992 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:47:31.0796 3992 IpFilterDriver - ok
20:47:31.0875 3992 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:47:31.0875 3992 IpInIp - ok
20:47:32.0046 3992 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:47:32.0062 3992 IpNat - ok
20:47:32.0187 3992 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:47:32.0187 3992 IPSec - ok
20:47:33.0000 3992 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:47:33.0000 3992 IRENUM - ok
20:47:33.0062 3992 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:47:33.0062 3992 isapnp - ok
20:47:33.0109 3992 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:47:33.0109 3992 Kbdclass - ok
20:47:33.0281 3992 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:47:33.0281 3992 kmixer - ok
20:47:33.0578 3992 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:47:33.0578 3992 KSecDD - ok
20:47:33.0671 3992 [ D6586C7DEABDBD1390286B442EA4C58D ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
20:47:33.0671 3992 L8042Kbd - ok
20:47:33.0843 3992 [ 37FCB1ABA2D8CD90C35BA1D7D9C73D7C ] L8042mou C:\WINDOWS\system32\Drivers\L8042mou.sys
20:47:33.0843 3992 L8042mou - ok
20:47:33.0921 3992 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:47:33.0921 3992 lanmanserver - ok
20:47:34.0062 3992 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:47:34.0062 3992 lanmanworkstation - ok
20:47:34.0062 3992 lbrtfdc - ok
20:47:34.0093 3992 [ 87E9742C445B88DE00D2421F1B1F06EA ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
20:47:34.0093 3992 LHidKe - ok
20:47:34.0093 3992 LicCtrlService - ok
20:47:34.0125 3992 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:47:34.0125 3992 LmHosts - ok
20:47:34.0156 3992 [ 749FDF0FD33071CBF0658CC2B94D4DF5 ] LMouKE C:\WINDOWS\system32\Drivers\LMouKE.sys
20:47:34.0156 3992 LMouKE - ok
20:47:34.0281 3992 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
20:47:34.0281 3992 McciCMService - ok
20:47:34.0312 3992 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:47:34.0312 3992 Messenger - ok
20:47:34.0359 3992 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:47:34.0359 3992 mnmdd - ok
20:47:34.0484 3992 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:47:34.0484 3992 mnmsrvc - ok
20:47:34.0578 3992 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:47:34.0578 3992 Modem - ok
20:47:34.0640 3992 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:47:34.0640 3992 Mouclass - ok
20:47:34.0687 3992 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:47:34.0687 3992 mouhid - ok
20:47:34.0781 3992 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:47:34.0781 3992 MountMgr - ok
20:47:34.0796 3992 mraid35x - ok
20:47:34.0890 3992 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
20:47:34.0890 3992 MREMP50 - ok
20:47:34.0890 3992 MREMP50a64 - ok
20:47:34.0890 3992 MREMPR5 - ok
20:47:34.0890 3992 MRENDIS5 - ok
20:47:34.0937 3992 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
20:47:34.0937 3992 MRESP50 - ok
20:47:34.0953 3992 MRESP50a64 - ok
20:47:34.0968 3992 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:47:34.0984 3992 MRxDAV - ok
20:47:35.0406 3992 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:47:35.0421 3992 MRxSmb - ok
20:47:35.0500 3992 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:47:35.0500 3992 MSDTC - ok
20:47:35.0546 3992 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:47:35.0546 3992 Msfs - ok
20:47:35.0562 3992 MSIServer - ok
20:47:35.0656 3992 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:47:35.0656 3992 MSKSSRV - ok
20:47:35.0703 3992 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:47:35.0703 3992 MSPCLOCK - ok
20:47:35.0750 3992 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:47:35.0750 3992 MSPQM - ok
20:47:35.0828 3992 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:47:35.0828 3992 mssmbios - ok
20:47:35.0843 3992 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:47:35.0843 3992 Mup - ok
20:47:35.0937 3992 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:47:35.0937 3992 NDIS - ok
20:47:36.0000 3992 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:47:36.0000 3992 NdisTapi - ok
20:47:36.0078 3992 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:47:36.0078 3992 Ndisuio - ok
20:47:36.0140 3992 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:47:36.0140 3992 NdisWan - ok
20:47:36.0140 3992 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:47:36.0140 3992 NDProxy - ok
20:47:36.0375 3992 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:47:36.0375 3992 NetBIOS - ok
20:47:36.0437 3992 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:47:36.0437 3992 NetBT - ok
20:47:36.0484 3992 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:47:36.0484 3992 NetDDE - ok
20:47:36.0484 3992 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:47:36.0484 3992 NetDDEdsdm - ok
20:47:50.0218 3992 ================ Scan global ===============================
20:47:50.0250 3992 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
20:47:50.0281 3992 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
20:47:50.0296 3992 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
20:47:50.0312 3992 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
20:47:50.0312 3992 [Global] - ok
20:47:50.0312 3992 ================ Scan MBR ==================================
20:47:50.0343 3992 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:47:50.0703 3992 \Device\Harddisk0\DR0 - ok
20:47:50.0703 3992 ================ Scan VBR ==================================
20:47:50.0703 3992 [ 9FAEC45D709AA255B78095EB0845B1A4 ] \Device\Harddisk0\DR0\Partition1
20:47:50.0703 3992 \Device\Harddisk0\DR0\Partition1 - ok
20:47:50.0703 3992 ============================================================
20:47:50.0703 3992 Scan finished
20:47:50.0703 3992 ============================================================
20:47:50.0718 3984 Detected object count: 0
20:47:50.0718 3984 Actual detected object count: 0

Re: Please check my log

Posted: 30 Aug 2012 20:27
by Rudy
Now post a new ComboFix log.

Re: Please check my log

Posted: 30 Aug 2012 20:46
by tomas5911
ComboFix 12-08-29.03 - Administrator 30.08.2012 21:34:35.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1664 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Stažené soubory\ComboFix.exe
AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_xcpip
-------\Service_xpsec
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 18:48 . 2012-08-30 18:48 -------- d-----w- c:\program files\Origin Games
2012-08-30 18:48 . 2012-08-30 18:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Origin
2012-08-30 18:48 . 2012-08-30 18:48 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Origin
2012-08-30 18:48 . 2012-08-30 18:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Origin
2012-08-30 18:46 . 2012-08-30 18:46 -------- d-----w- c:\windows\LastGood.Tmp
2012-08-30 18:46 . 2012-08-30 18:48 -------- d-----w- c:\program files\Origin
2012-08-30 18:34 . 2012-08-30 18:34 177496 ----a-w- c:\windows\system32\drivers\79227154.sys
2012-08-30 18:34 . 2012-08-30 18:34 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-30 17:43 . 2012-08-30 17:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Threat Expert
2012-08-30 16:35 . 2012-08-30 16:35 -------- d-----w- c:\documents and settings\LocalService\Plocha
2012-08-30 16:24 . 2012-06-22 09:39 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-08-30 16:08 . 2012-06-22 13:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-08-30 16:05 . 2012-08-30 16:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2012-08-30 16:05 . 2012-08-30 16:05 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TestApp
2012-08-30 12:43 . 2012-08-30 17:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\036E18D42B17D9790046B461E56C3425
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Babylon
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\program files\YourFileDownloader
2012-08-30 12:29 . 2012-08-30 12:29 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\YourFileDownloader
2012-08-30 12:27 . 2012-08-30 12:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-08-30 12:14 . 2012-08-30 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2012-08-30 12:09 . 2012-08-30 12:09 -------- d-----w- C:\totalcmd
2012-08-30 12:09 . 2012-08-30 12:09 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\GHISLER
2012-08-07 04:14 . 2012-08-07 04:14 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2012-08-07 04:14 . 2012-08-07 04:14 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-08-07 04:14 . 2012-08-07 04:14 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-08-07 04:14 . 2012-08-07 04:14 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-08-07 04:14 . 2012-08-07 04:14 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-08-07 04:14 . 2012-08-07 04:14 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-08-07 04:14 . 2012-08-07 04:14 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-22 08:43 . 2012-08-30 16:24 3488 ----a-w- c:\windows\UDB.zip
2012-06-22 08:43 . 2012-08-30 16:24 131 ----a-w- c:\windows\IDB.zip
2012-08-07 04:14 . 2011-07-27 18:39 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-30_17.37.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-19 21:03 . 2011-02-19 21:03 51024 c:\windows\system32\vcomp100.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 81744 c:\windows\system32\mfcm100u.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 81744 c:\windows\system32\mfcm100.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 60752 c:\windows\system32\mfc100rus.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 43344 c:\windows\system32\mfc100kor.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 62288 c:\windows\system32\mfc100ita.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 36176 c:\windows\system32\mfc100cht.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 36176 c:\windows\system32\mfc100chs.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 63824 c:\windows\system32\mfc100esn.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 55120 c:\windows\system32\mfc100enu.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 64336 c:\windows\system32\mfc100deu.dll
+ 2009-03-10 20:18 . 2009-03-10 20:18 969608 c:\windows\system32\WgaTray.exe
+ 2009-03-10 20:18 . 2009-03-10 20:18 265096 c:\windows\system32\WgaLogon.dll
+ 2011-02-18 22:40 . 2011-02-18 22:40 773968 c:\windows\system32\msvcr100.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 421200 c:\windows\system32\msvcp100.dll
+ 2009-03-10 20:18 . 2009-03-10 20:18 969608 c:\windows\system32\dllcache\WgaTray.exe
+ 2009-03-10 20:18 . 2009-03-10 20:18 265096 c:\windows\system32\dllcache\wgaLogon.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 138056 c:\windows\system32\atl100.dll
+ 2012-08-30 18:47 . 2012-08-30 18:47 160768 c:\windows\Installer\b4053.msi
+ 2011-02-19 21:03 . 2011-02-19 21:03 4422992 c:\windows\system32\mfc100u.dll
+ 2011-02-19 21:03 . 2011-02-19 21:03 4397384 c:\windows\system32\mfc100.dll
+ 2009-03-10 20:18 . 2009-03-10 20:18 1482112 c:\windows\system32\LegitCheckControl.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2011-04-12 32768]
"EADM"="c:\program files\Origin\Origin.exe" [2012-01-11 28201096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-06-27 2879488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-26 8445952]
"nwiz"="nwiz.exe" [2007-04-26 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-26 81920]
"MSys32"="c:\program files\under water demo\target\morfitwebentrance.exe" [2000-08-01 139264]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-01-20 28160]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-07-19 135168]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-07-19 53248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2011-4-12 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-4-12 532480]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Hry\\quake3\\quake3.exe"=
"c:\\Hry\\Cs\\hl.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Hry\\WOW\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"=
"c:\\Hry\\generals\\Command & Conquer(tm) Generals Zero Hour\\generals.exe"=
"c:\\Program Files\\YourFileDownloader\\Downloader.exe"=
"c:\\Program Files\\YourFileDownloader\\YourFile.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [30.8.2012 18:08 383368]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [30.8.2012 18:08 342168]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [30.8.2012 18:08 203120]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 7:51 277736]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [30.8.2012 18:24 575448]
R3 scrusb2a;SmartCard-Reader USB 2A;c:\windows\system32\drivers\scrusb2a.sys [12.3.2000 16:27 52198]
S2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
S3 9cw8e.sys;9cw8e.sys;\??\c:\windows\system32\drivers\9cw8e.sys --> c:\windows\system32\drivers\9cw8e.sys [?]
S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [30.8.2012 18:24 70768]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [30.8.2012 18:23 402368]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-30 c:\windows\Tasks\YourFile Update.job
- c:\program files\YourFileDownloader\YourFileUpdater.exe [2012-08-30 12:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.web-entrance.com/main.cgi?ID=268
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lh1ie7f6.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
SafeBoot-30088599.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-30 21:42
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1000)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(1140)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide5.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-08-30 21:44:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-30 19:44
ComboFix2.txt 2012-08-30 17:41
.
Před spuštěním: 9 628 082 176
Po spuštění: 9 682 423 808
.
- - End Of File - - DDD9FB2D2F42D81CF140A4B3A654195A

Re: Please check my log

Posted: 30 Aug 2012 21:30
by Rudy
Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\system32\drivers\79227154.sys
c:\windows\system32\drivers\9cw8e.sys

Driver::
9cw8e.sys
79227154
30088599

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Please check my log

Posted: 31 Aug 2012 14:36
by tomas5911
I followed the instructions and everything is fine. Thank you so much for the help, without you I would never have got it working.

Re: Please check my log

Posted: 31 Aug 2012 18:39
by Rudy
Glad to help!