Request for a preventive log check - Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Jurajxxx
newbie
Posts: 30
Registered: March 2012
Gender: Male
Status: Offline

Request for a preventive log check - Solved

Post by Jurajxxx » 02 Aug 2012 23:52

Hi, I'd like to ask for a preventive check of my log.
The PC was scanned with NOD32 and I cleaned it up with CCleaner.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:51:37, on 2. 8. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\ico.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\Pelmiced.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
D:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7D9421DE-3895-462F-9EE0-7596A3037397}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7D9421DE-3895-462F-9EE0-7596A3037397}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Users\Juraj\AppData\Roaming\LangSoft\WebIE.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-9FA5-A33DE8DBE931} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Users\Juraj\AppData\Roaming\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-9FA5-A33DE8DBE931} - (no file)
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\RunServices: [NetBus Server Pro] C:\Users\Juraj\Desktop\BrutusA2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - Global Startup: ESET NOD32 Antivirus.lnk = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8121 bytes

memphisto
Guru Level 13
Posts: 21113
Registered: September 2006
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Request for a preventive log check

Post by memphisto » 02 Aug 2012 23:57

Uninstall:
Hyperionics DB Toolbar

Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7D9421DE-3895-462F-9EE0-7596A3037397}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7D9421DE-3895-462F-9EE0-7596A3037397}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-9FA5-A33DE8DBE931} - (no file)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-9FA5-A33DE8DBE931} - (no file)
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)

Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
When the cleanup is done, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. It can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, and so on.

Download Malwarebytes' Anti-Malware.
Install it and run it.
- At the end of the installation, make sure both options are checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button.
- If an update is found, it will be downloaded and installed.
- The program will then start; leave the Perform quick scan option selected and click the Scan button.
- When the scan finishes, a message appears; click OK and then the Show Results button.
- Then choose the option to save the log and save it to your desktop.
- Then click the Exit button; a prompt appears, so choose Yes.
(Do not delete anything yet!)
Then paste the contents of that log here.

If there are problems, run it in Safe Mode.
Please do not send HijackThis logs via PM; post them in the appropriate section instead. Thank you.

Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 00:42

Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.08.02.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Juraj :: JURAJ [administrátor]

Ochrana: Zapnuté

3. 8. 2012 0:31:45
mbam-log-2012-08-03 (00-41-09).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 185018
Uplynutý čas: 8 min, 56 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 1
C:\Windows\System32\28463 (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.

Detegované súbory: 7
C:\Windows\System32\28463\AKV.exe (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\CVXE.001 (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\CVXE.005 (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\CVXE.006 (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\CVXE.007 (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\CVXE.exe (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.
C:\Windows\System32\28463\key.bin (Keylogger.Ardamax) -> Žiadna úloha nevykonaná.

(koniec)

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 2008
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Request for a preventive log check

Post by Žbeky » 03 Aug 2012 09:10

Do you have the keylogger on purpose?
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 09:28

No, NOD32 probably didn't find it; I didn't even know about them.

Re: Request for a preventive log check

Post by Žbeky » 03 Aug 2012 09:28

Run MbAM again and start a Scan.
- When the scan finishes, a message appears; click OK and then the Show Results button.
- Make sure all the listed findings are checked and click the Remove Selected button.
- When the removal finishes, a log is displayed; post it here.
- Then choose OK in the program and close it via Exit.

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button.
- Then follow the instructions; while ComboFix is running, do not click in the window that appears.
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here.
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 09:41

Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.08.03.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Juraj :: JURAJ-PC [administrátor]

Ochrana: Zapnuté

3. 8. 2012 9:31:30
mbam-log-2012-08-03 (09-31-30).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 185081
Uplynutý čas: 5 min, 7 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 1
C:\Windows\System32\28463 (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.

Detegované súbory: 7
C:\Windows\System32\28463\AKV.exe (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\CVXE.001 (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\CVXE.005 (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\CVXE.006 (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\CVXE.007 (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\CVXE.exe (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.
C:\Windows\System32\28463\key.bin (Keylogger.Ardamax) -> Pridanie do karantény a zmazanie úspešné.

(koniec)

Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 09:50

09:43:23.0396 5324 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
09:43:23.0615 5324 ============================================================
09:43:23.0615 5324 Current date / time: 2012/08/03 09:43:23.0615
09:43:23.0615 5324 SystemInfo:
09:43:23.0615 5324
09:43:23.0615 5324 OS Version: 6.1.7601 ServicePack: 1.0
09:43:23.0615 5324 Product type: Workstation
09:43:23.0615 5324 ComputerName: JURAJ-PC
09:43:23.0615 5324 UserName: Juraj
09:43:23.0615 5324 Windows directory: C:\Windows
09:43:23.0615 5324 System windows directory: C:\Windows
09:43:23.0615 5324 Processor architecture: Intel x86
09:43:23.0615 5324 Number of processors: 1
09:43:23.0615 5324 Page size: 0x1000
09:43:23.0615 5324 Boot type: Normal boot
09:43:23.0615 5324 ============================================================
09:43:24.0800 5324 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x9D85, SectorsPerTrack: 0x22, TracksPerCylinder: 0x72, Type 'K0', Flags 0x00000050
09:43:24.0800 5324 Drive \Device\Harddisk1\DR1 - Size: 0x1DD800000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:43:24.0800 5324 ============================================================
09:43:24.0800 5324 \Device\Harddisk0\DR0:
09:43:24.0800 5324 MBR partitions:
09:43:24.0800 5324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4601E4B
09:43:24.0816 5324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4601ECA, BlocksNum 0x4F0C5B8
09:43:24.0816 5324 \Device\Harddisk1\DR1:
09:43:24.0816 5324 MBR partitions:
09:43:24.0816 5324 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x1F80, BlocksNum 0xEEA080
09:43:24.0816 5324 ============================================================
09:43:24.0831 5324 C: <-> \Device\Harddisk0\DR0\Partition0
09:43:24.0847 5324 D: <-> \Device\Harddisk0\DR0\Partition1
09:43:24.0847 5324 ============================================================
09:43:24.0847 5324 Initialize success
09:43:24.0847 5324 ============================================================
09:43:30.0588 5392 ============================================================
09:43:30.0588 5392 Scan started
09:43:30.0588 5392 Mode: Manual;
09:43:30.0588 5392 ============================================================
09:43:38.0949 5392 ehSched - ok
09:43:39.0293 5392 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
09:43:39.0293 5392 ekrn - ok
09:43:39.0464 5392 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
09:43:39.0464 5392 elxstor - ok
09:43:39.0511 5392 epfwwfpr (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys
09:43:39.0511 5392 epfwwfpr - ok
09:43:39.0542 5392 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
09:43:39.0542 5392 ErrDev - ok
09:43:39.0605 5392 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
09:43:39.0620 5392 EventSystem - ok
09:43:39.0636 5392 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
09:43:39.0636 5392 exfat - ok
09:43:39.0667 5392 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
09:43:39.0667 5392 fastfat - ok
09:43:39.0729 5392 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
09:43:39.0745 5392 Fax - ok
09:43:39.0761 5392 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
09:43:39.0761 5392 fdc - ok
09:43:39.0776 5392 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
09:43:39.0792 5392 fdPHost - ok
09:43:39.0807 5392 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
09:43:39.0807 5392 FDResPub - ok
09:43:39.0854 5392 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
09:43:39.0854 5392 FileInfo - ok
09:43:39.0870 5392 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
09:43:39.0885 5392 Filetrace - ok
09:43:39.0901 5392 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
09:43:39.0901 5392 flpydisk - ok
09:43:39.0932 5392 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
09:43:39.0932 5392 FltMgr - ok
09:43:40.0010 5392 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
09:43:40.0041 5392 FontCache - ok
09:43:40.0135 5392 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:43:40.0135 5392 FontCache3.0.0.0 - ok
09:43:40.0182 5392 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
09:43:40.0182 5392 FsDepends - ok
09:43:40.0244 5392 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
09:43:40.0244 5392 Fs_Rec - ok
09:43:40.0307 5392 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
09:43:40.0322 5392 fvevol - ok
09:43:40.0353 5392 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:43:40.0353 5392 gagp30kx - ok
09:43:40.0416 5392 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
09:43:40.0431 5392 gpsvc - ok
09:43:40.0478 5392 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
09:43:40.0478 5392 hamachi - ok
09:43:40.0509 5392 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
09:43:40.0509 5392 hcw85cir - ok
09:43:40.0556 5392 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
09:43:40.0556 5392 HdAudAddService - ok
09:43:40.0603 5392 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
09:43:40.0603 5392 HDAudBus - ok
09:43:40.0634 5392 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
09:43:40.0634 5392 HidBatt - ok
09:43:40.0681 5392 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:43:40.0712 5392 HidBth - ok
09:43:40.0743 5392 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:43:40.0743 5392 HidIr - ok
09:43:40.0790 5392 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:43:40.0790 5392 hidserv - ok
09:43:40.0821 5392 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
09:43:40.0821 5392 HidUsb - ok
09:43:40.0853 5392 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
09:43:40.0853 5392 hkmsvc - ok
09:43:40.0899 5392 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
09:43:40.0915 5392 HomeGroupListener - ok
09:43:40.0962 5392 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
09:43:40.0977 5392 HomeGroupProvider - ok
09:43:41.0009 5392 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
09:43:41.0040 5392 HpSAMD - ok
09:43:41.0102 5392 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:43:41.0118 5392 HTTP - ok
09:43:41.0149 5392 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:43:41.0149 5392 hwpolicy - ok
09:43:41.0180 5392 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:43:41.0196 5392 i8042prt - ok
09:43:41.0243 5392 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:43:41.0243 5392 iaStorV - ok
09:43:41.0336 5392 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:43:41.0352 5392 IDriverT - ok
09:43:41.0477 5392 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:43:41.0492 5392 idsvc - ok
09:43:41.0601 5392 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:43:41.0601 5392 iirsp - ok
09:43:41.0679 5392 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:43:41.0695 5392 IKEEXT - ok
09:43:41.0742 5392 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:43:41.0742 5392 intelide - ok
09:43:41.0789 5392 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:43:41.0789 5392 intelppm - ok
09:43:41.0835 5392 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:43:41.0851 5392 IPBusEnum - ok
09:43:41.0867 5392 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:43:41.0867 5392 IpFilterDriver - ok
09:43:41.0913 5392 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
09:43:41.0945 5392 iphlpsvc - ok
09:43:41.0976 5392 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:43:41.0976 5392 IPMIDRV - ok
09:43:42.0038 5392 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:43:42.0038 5392 IPNAT - ok
09:43:42.0069 5392 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:43:42.0069 5392 IRENUM - ok
09:43:42.0101 5392 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:43:42.0101 5392 isapnp - ok
09:43:42.0132 5392 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:43:42.0132 5392 iScsiPrt - ok
09:43:42.0163 5392 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
09:43:42.0163 5392 kbdclass - ok
09:43:42.0194 5392 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
09:43:42.0194 5392 kbdhid - ok
09:43:42.0225 5392 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:43:42.0225 5392 KeyIso - ok
09:43:42.0272 5392 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
09:43:42.0272 5392 KSecDD - ok
09:43:42.0319 5392 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
09:43:42.0319 5392 KSecPkg - ok
09:43:42.0381 5392 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:43:42.0381 5392 KtmRm - ok
09:43:42.0553 5392 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:43:42.0553 5392 LanmanServer - ok
09:43:42.0600 5392 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:43:42.0615 5392 LanmanWorkstation - ok
09:43:43.0271 5392 LexBceS (aeedacc6fb20fdba95213ad3bb009b7d) C:\Windows\System32\LEXBCES.EXE
09:43:43.0286 5392 LexBceS - ok
09:43:43.0349 5392 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:43:43.0349 5392 lltdio - ok
09:43:44.0297 5392 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:43:44.0304 5392 lltdsvc - ok
09:43:44.0327 5392 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:43:44.0332 5392 lmhosts - ok
09:43:44.0367 5392 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:43:44.0370 5392 LSI_FC - ok
09:43:44.0410 5392 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:43:44.0413 5392 LSI_SAS - ok
09:43:44.0600 5392 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:43:44.0602 5392 LSI_SAS2 - ok
09:43:44.0627 5392 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:43:44.0630 5392 LSI_SCSI - ok
09:43:44.0658 5392 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:43:44.0661 5392 luafv - ok
09:43:44.0709 5392 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
09:43:44.0710 5392 MBAMProtector - ok
09:43:44.0767 5392 MBAMService (43683e970f008c93c9429ef428147a54) D:\Malwarebytes' Anti-Malware\mbamservice.exe
09:43:44.0767 5392 MBAMService - ok
09:43:44.0830 5392 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:43:44.0845 5392 Mcx2Svc - ok
09:43:44.0892 5392 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:43:44.0892 5392 megasas - ok
09:43:44.0923 5392 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:43:44.0923 5392 MegaSR - ok
09:43:45.0079 5392 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:43:45.0079 5392 Microsoft Office Groove Audit Service - ok
09:43:45.0110 5392 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:43:45.0126 5392 MMCSS - ok
09:43:45.0157 5392 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:43:45.0157 5392 Modem - ok
09:43:45.0188 5392 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:43:45.0188 5392 monitor - ok
09:43:45.0220 5392 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:43:45.0220 5392 mouclass - ok
09:43:45.0251 5392 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:43:45.0251 5392 mouhid - ok
09:43:45.0298 5392 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:43:45.0313 5392 mountmgr - ok
09:43:45.0344 5392 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:43:45.0360 5392 mpio - ok
09:43:45.0391 5392 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:43:45.0391 5392 mpsdrv - ok
09:43:45.0454 5392 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
09:43:45.0454 5392 MpsSvc - ok
09:43:45.0500 5392 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:43:45.0516 5392 MRxDAV - ok
09:43:45.0547 5392 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:43:45.0563 5392 mrxsmb - ok
09:43:45.0594 5392 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:43:45.0610 5392 mrxsmb10 - ok
09:43:45.0625 5392 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:43:45.0641 5392 mrxsmb20 - ok
09:43:45.0672 5392 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:43:45.0672 5392 msahci - ok
09:43:45.0719 5392 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:43:45.0734 5392 msdsm - ok
09:43:45.0781 5392 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:43:45.0797 5392 MSDTC - ok
09:43:45.0844 5392 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:43:45.0844 5392 Msfs - ok
09:43:45.0875 5392 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:43:45.0875 5392 mshidkmdf - ok
09:43:45.0890 5392 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:43:45.0890 5392 msisadrv - ok
09:43:45.0953 5392 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:43:45.0953 5392 MSiSCSI - ok
09:43:45.0984 5392 msiserver - ok
09:43:46.0031 5392 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:43:46.0031 5392 MSKSSRV - ok
09:43:46.0078 5392 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:43:46.0078 5392 MSPCLOCK - ok
09:43:46.0093 5392 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:43:46.0093 5392 MSPQM - ok
09:43:46.0124 5392 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:43:46.0124 5392 MsRPC - ok
09:43:46.0156 5392 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:43:46.0156 5392 mssmbios - ok
09:43:46.0187 5392 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:43:46.0202 5392 MSTEE - ok
09:43:46.0218 5392 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:43:46.0218 5392 MTConfig - ok
09:43:46.0265 5392 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
09:43:46.0265 5392 MTsensor - ok
09:43:46.0280 5392 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:43:46.0280 5392 Mup - ok
09:43:46.0327 5392 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:43:46.0343 5392 napagent - ok
09:43:46.0374 5392 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:43:46.0390 5392 NativeWifiP - ok
09:43:46.0405 5392 Nbdrv - ok
09:43:46.0468 5392 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:43:46.0468 5392 NDIS - ok
09:43:46.0499 5392 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:43:46.0499 5392 NdisCap - ok
09:43:46.0530 5392 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:43:46.0530 5392 NdisTapi - ok
09:43:46.0561 5392 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:43:46.0577 5392 Ndisuio - ok
09:43:46.0608 5392 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:43:46.0608 5392 NdisWan - ok
09:43:46.0655 5392 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:43:46.0655 5392 NDProxy - ok
09:43:46.0811 5392 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
09:43:46.0826 5392 Nero BackItUp Scheduler 3 - ok
09:43:46.0873 5392 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:43:46.0873 5392 NetBIOS - ok
09:43:46.0936 5392 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:43:46.0936 5392 NetBT - ok
09:43:47.0014 5392 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:43:47.0014 5392 Netlogon - ok
09:43:47.0076 5392 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:43:47.0092 5392 Netman - ok
09:43:47.0123 5392 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:43:47.0138 5392 netprofm - ok
09:43:47.0216 5392 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:43:47.0232 5392 NetTcpPortSharing - ok
09:43:47.0279 5392 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:43:47.0279 5392 nfrd960 - ok
09:43:47.0326 5392 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:43:47.0341 5392 NlaSvc - ok
09:43:47.0482 5392 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
09:43:47.0497 5392 NMIndexingService - ok
09:43:47.0513 5392 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:43:47.0513 5392 Npfs - ok
09:43:47.0560 5392 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:43:47.0560 5392 nsi - ok
09:43:47.0575 5392 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:43:47.0575 5392 nsiproxy - ok
09:43:47.0669 5392 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:43:47.0684 5392 Ntfs - ok
09:43:47.0825 5392 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:43:47.0840 5392 Null - ok
09:43:47.0887 5392 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
09:43:47.0887 5392 NVENETFD - ok
09:43:47.0950 5392 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
09:43:47.0950 5392 NVNET - ok
09:43:47.0996 5392 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:43:48.0028 5392 nvraid - ok
09:43:48.0090 5392 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:43:48.0090 5392 nvstor - ok
09:43:48.0152 5392 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:43:48.0152 5392 nv_agp - ok
09:43:48.0277 5392 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:43:48.0293 5392 odserv - ok
09:43:48.0340 5392 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:43:48.0340 5392 ohci1394 - ok
09:43:48.0386 5392 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:43:48.0402 5392 ose - ok
09:43:48.0464 5392 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:43:48.0464 5392 p2pimsvc - ok
09:43:48.0496 5392 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:43:48.0511 5392 p2psvc - ok
09:43:48.0558 5392 PAC207 (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
09:43:48.0574 5392 PAC207 - ok
09:43:48.0605 5392 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:43:48.0605 5392 Parport - ok
09:43:48.0652 5392 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:43:48.0652 5392 partmgr - ok
09:43:48.0667 5392 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:43:48.0667 5392 Parvdm - ok
09:43:48.0714 5392 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:43:48.0714 5392 PcaSvc - ok
09:43:48.0745 5392 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:43:48.0761 5392 pci - ok
09:43:48.0776 5392 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:43:48.0776 5392 pciide - ok
09:43:48.0823 5392 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:43:48.0823 5392 pcmcia - ok
09:43:48.0854 5392 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:43:48.0854 5392 pcw - ok
09:43:48.0886 5392 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:43:48.0901 5392 PEAUTH - ok
09:43:48.0979 5392 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
09:43:48.0995 5392 PeerDistSvc - ok
09:43:49.0088 5392 pelmouse (e541a80cdffd6077c761b4578efc0450) C:\Windows\system32\DRIVERS\pelmouse.sys
09:43:49.0104 5392 pelmouse - ok
09:43:49.0135 5392 pelusblf (6432858a4493e906a7d61b9b17a0672a) C:\Windows\system32\DRIVERS\pelusblf.sys
09:43:49.0151 5392 pelusblf - ok
09:43:49.0291 5392 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:43:49.0307 5392 pla - ok
09:43:49.0432 5392 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
09:43:49.0432 5392 PLFlash DeviceIoControl Service - ok
09:43:49.0494 5392 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:43:49.0494 5392 PlugPlay - ok
09:43:49.0541 5392 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:43:49.0541 5392 PNRPAutoReg - ok
09:43:49.0572 5392 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:43:49.0572 5392 PNRPsvc - ok
09:43:49.0712 5392 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:43:49.0728 5392 PolicyAgent - ok
09:43:49.0775 5392 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:43:49.0775 5392 Power - ok
09:43:49.0837 5392 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:43:49.0837 5392 PptpMiniport - ok
09:43:49.0868 5392 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:43:49.0868 5392 Processor - ok
09:43:49.0915 5392 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
09:43:49.0915 5392 ProfSvc - ok
09:43:49.0946 5392 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:43:49.0946 5392 ProtectedStorage - ok
09:43:49.0978 5392 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:43:49.0978 5392 Psched - ok
09:43:50.0056 5392 pwdrvio (022542dd0026759a79df532c142e5cda) C:\Windows\system32\pwdrvio.sys
09:43:50.0071 5392 pwdrvio - ok
09:43:50.0087 5392 pwdspio (a838b05740016cb7b5c2e03d63239df8) C:\Windows\system32\pwdspio.sys
09:43:50.0102 5392 pwdspio - ok
09:43:50.0180 5392 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:43:50.0196 5392 ql2300 - ok
09:43:50.0368 5392 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:43:50.0368 5392 ql40xx - ok
09:43:50.0414 5392 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:43:50.0430 5392 QWAVE - ok
09:43:50.0446 5392 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:43:50.0446 5392 QWAVEdrv - ok
09:43:50.0477 5392 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:43:50.0477 5392 RasAcd - ok
09:43:50.0524 5392 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:43:50.0524 5392 RasAgileVpn - ok
09:43:50.0555 5392 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:43:50.0570 5392 RasAuto - ok
09:43:50.0602 5392 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:43:50.0602 5392 Rasl2tp - ok
09:43:50.0648 5392 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:43:50.0648 5392 RasMan - ok
09:43:50.0680 5392 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:43:50.0680 5392 RasPppoe - ok
09:43:50.0711 5392 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:43:50.0711 5392 RasSstp - ok
09:43:50.0742 5392 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:43:50.0742 5392 rdbss - ok
09:43:50.0789 5392 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:43:50.0789 5392 rdpbus - ok
09:43:50.0820 5392 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:43:50.0820 5392 RDPCDD - ok
09:43:50.0867 5392 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
09:43:50.0867 5392 RDPDR - ok
09:43:50.0914 5392 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:43:50.0914 5392 RDPENCDD - ok
09:43:50.0929 5392 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:43:50.0929 5392 RDPREFMP - ok
09:43:50.0976 5392 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
09:43:50.0976 5392 RdpVideoMiniport - ok
09:43:51.0038 5392 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
09:43:51.0054 5392 RDPWD - ok
09:43:51.0085 5392 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:43:51.0085 5392 rdyboost - ok
09:43:51.0132 5392 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:43:51.0132 5392 RemoteAccess - ok
09:43:51.0194 5392 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:43:51.0194 5392 RemoteRegistry - ok
09:43:51.0241 5392 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
09:43:51.0241 5392 RFCOMM - ok
09:43:51.0272 5392 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:43:51.0272 5392 RpcEptMapper - ok
09:43:51.0304 5392 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:43:51.0304 5392 RpcLocator - ok
09:43:51.0366 5392 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:43:51.0366 5392 RpcSs - ok
09:43:51.0397 5392 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:43:51.0397 5392 rspndr - ok
09:43:51.0428 5392 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
09:43:51.0444 5392 s3cap - ok
09:43:51.0460 5392 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:43:51.0475 5392 SamSs - ok
09:43:51.0506 5392 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:43:51.0506 5392 sbp2port - ok
09:43:51.0538 5392 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:43:51.0553 5392 SCardSvr - ok
09:43:51.0584 5392 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:43:51.0584 5392 scfilter - ok
09:43:51.0647 5392 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:43:51.0662 5392 Schedule - ok
09:43:51.0694 5392 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:43:51.0694 5392 SCPolicySvc - ok
09:43:51.0725 5392 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:43:51.0740 5392 SDRSVC - ok
09:43:51.0772 5392 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:43:51.0772 5392 secdrv - ok
09:43:51.0818 5392 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:43:51.0818 5392 seclogon - ok
09:43:51.0850 5392 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:43:51.0850 5392 SENS - ok
09:43:51.0865 5392 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:43:51.0881 5392 SensrSvc - ok
09:43:51.0912 5392 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:43:51.0912 5392 Serenum - ok
09:43:51.0928 5392 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:43:51.0943 5392 Serial - ok
09:43:51.0974 5392 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:43:51.0974 5392 sermouse - ok
09:43:52.0037 5392 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:43:52.0052 5392 SessionEnv - ok

Jurajxxx

Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 09:51

09:43:59.0977 5392 ============================================================
09:43:59.0977 5392 Scan finished
09:43:59.0977 5392 ============================================================
09:44:00.0008 5384 Detected object count: 0
09:44:00.0008 5384 Actual detected object count: 0

Jurajxxx

Re: Request for a preventive log check

Post by Jurajxxx » 03 Aug 2012 10:14

ComboFix 12-07-31.05 - Juraj . 08. 2012 9:58.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1029.18.3071.1870 [GMT 2:00]
Running from: c:\users\Juraj\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Hyperionics DB Toolbar\tbHElper.dll
c:\users\Juraj\AppData\Local\Minibar
c:\users\Juraj\AppData\Local\Minibar\common.js
c:\users\Juraj\AppData\Local\Minibar\chrome\background.html
c:\users\Juraj\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Juraj\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Juraj\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Juraj\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Juraj\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Juraj\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Juraj\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Juraj\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Juraj\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Juraj\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Juraj\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Juraj\AppData\Local\Minibar\chrome\main.js
c:\users\Juraj\AppData\Local\Minibar\chrome\manifest.json
c:\users\Juraj\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Juraj\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Juraj\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Juraj\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Juraj\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Juraj\AppData\Local\Minibar\chrome\popup.html
c:\users\Juraj\AppData\Local\Minibar\chrome\popup.js
c:\users\Juraj\AppData\Local\Minibar\chrome\tab.html
c:\users\Juraj\AppData\Local\Minibar\chrome\tab.js
c:\users\Juraj\AppData\Local\Minibar\chrome_installer.js
c:\users\Juraj\AppData\Local\Minibar\install.json
c:\users\Juraj\AppData\Local\Minibar\minibar.crx
c:\users\Juraj\AppData\Local\Minibar\sqlite3.exe
c:\users\Juraj\AppData\Local\Minibar\Uninstall.exe
c:\windows\system32\spool\prtprocs\w32x86\LXAXPP5C.DLL
.
.
((((((((((((((((((((((((( Files Created from 2012-07-03 to 2012-08-03 )))))))))))))))))))))))))))))))
.
.
2012-08-03 08:07 . 2012-08-03 08:07 -------- d-----w- c:\users\Juraj\AppData\Local\temp
2012-08-03 08:07 . 2012-08-03 08:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-03 07:58 . 2012-08-03 07:58 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B39F103C-00D0-43CB-90D5-8DB0B7D5464E}\offreg.dll
2012-08-03 07:28 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B39F103C-00D0-43CB-90D5-8DB0B7D5464E}\mpengine.dll
2012-08-03 07:24 . 2012-08-03 07:24 -------- d-----w- c:\users\Juraj\AppData\Local\Ahead
2012-08-02 22:28 . 2012-08-02 22:28 -------- d-----w- c:\users\Juraj\AppData\Roaming\Malwarebytes
2012-08-02 22:28 . 2012-08-02 22:28 -------- d-----w- c:\programdata\Malwarebytes
2012-08-02 22:28 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-02 21:49 . 2012-08-02 21:49 388096 ----a-r- c:\users\Juraj\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-02 21:40 . 2012-08-02 21:40 -------- d-----w- c:\users\Juraj\AppData\Local\ElevatedDiagnostics
2012-08-02 14:15 . 2012-08-02 14:15 -------- dc----w- c:\users\Juraj\AppData\Local\MigWiz
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\programdata\ATI
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\AMD AVT
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\AMD APP
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-08-01 20:27 . 2012-08-01 20:30 -------- d-----w- c:\program files\ATI Technologies
2012-08-01 20:27 . 2012-08-01 20:27 -------- d-----w- c:\program files\ATI
2012-07-30 13:26 . 2012-07-30 13:26 -------- d-----w- c:\users\Juraj\AppData\Local\AMD
2012-07-30 13:23 . 2012-07-30 13:23 -------- d-----w- c:\users\Juraj\AppData\Roaming\ATI
2012-07-30 13:23 . 2012-07-30 13:23 -------- d-----w- c:\users\Juraj\AppData\Local\ATI
2012-07-30 12:29 . 2012-08-01 20:30 -------- d-----w- c:\programdata\AMD
2012-07-30 12:28 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2012-07-30 12:27 . 2012-07-30 12:27 -------- d-----w- C:\AMD
2012-07-28 16:57 . 2004-07-14 13:36 57344 ----a-w- c:\windows\system32\ico.exe
2012-07-20 16:42 . 2012-07-20 16:42 -------- d-----w- c:\users\Juraj\temp
2012-07-17 11:47 . 2012-07-21 18:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-07-14 08:51 . 2009-11-06 14:32 420352 ----a-w- c:\windows\system32\pwNative.exe
2012-07-14 08:51 . 2009-11-04 09:47 16456 ----a-w- c:\windows\system32\pwdrvio.sys
2012-07-14 08:51 . 2009-11-04 09:47 11088 ----a-w- c:\windows\system32\pwdspio.sys
2012-07-11 09:34 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-05 16:45 . 2012-07-05 16:45 5030088 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 22:01 . 2012-04-14 10:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 22:01 . 2011-05-17 05:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-04 06:58 . 2012-07-04 06:58 10070016 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-04 06:35 . 2012-07-04 06:35 19586048 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-04 06:27 . 2012-07-04 06:27 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 06:27 . 2012-07-04 06:27 918528 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-04 06:21 . 2012-07-04 06:21 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-04 06:21 . 2012-07-04 06:21 453632 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-04 06:20 . 2012-07-04 06:20 217088 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-04 06:19 . 2012-07-04 06:19 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-04 06:19 . 2012-07-04 06:19 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-04 06:19 . 2012-07-04 06:19 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 06:18 . 2009-08-18 01:31 6811648 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-04 05:36 . 2012-07-04 05:36 1960960 ----a-w- c:\windows\system32\atiumdmv.dll
2012-07-04 05:35 . 2009-08-18 01:20 6245888 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-04 05:28 . 2009-08-18 01:05 4749312 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 05:11 . 2012-07-04 05:11 364544 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-04 05:10 . 2012-07-04 05:10 290304 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-04 05:09 . 2012-07-04 05:09 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-04 05:09 . 2012-07-04 05:09 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-04 05:09 . 2012-07-04 05:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-04 05:04 . 2012-07-04 05:04 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-04 05:04 . 2012-07-04 05:04 44544 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-04 04:59 . 2012-07-04 04:59 13402112 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-04 00:32 . 2012-07-04 00:32 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-01 17:36 . 2012-07-01 17:36 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-11 11:50 . 2012-06-11 11:50 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 11:49 . 2012-06-11 11:49 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 11:48 . 2012-06-11 11:48 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-02 22:19 . 2012-06-22 10:51 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 10:51 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 10:50 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 10:50 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 10:51 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 10:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 10:50 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 10:50 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 10:50 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:40 . 2012-07-11 06:15 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2010-12-25 09:28 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-17 20:42 . 2012-02-23 17:49 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
"Mouse Suite 98 Daemon"="ICO.EXE" [2004-07-14 57344]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"Malwarebytes' Anti-Malware"="d:\malwarebytes' anti-malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ESET NOD32 Antivirus.lnk - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2011-9-22 3080264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAF Start
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2011-09-22 11:03 3080264 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
R1 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Juraj\AppData\Local\Temp\ALSysIO.sys [x]
R3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 22:01]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\tstw6p5u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2832595&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Časovač - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0FA75526-4A89-4CBF-8938-CD14FC1604E5}*]
@Allowed: (Read) (RestrictedCode)
"pafdplggkgccnofpdbfobepbcnmbjlkm"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,
61,68,65,70,6f,00,00
"oaldgdjfcahlgoojebpemgafkllfhb"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,61,
68,65,70,6f,00,00
.
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F59269D4-F82A-3E27-46EF-8D2A2D23EFCD}*]
"paghbndmianofliodfapegdbfomjgobc"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,
67,6b,65,61,66,65,70,00,00
"oaaolofalbpcnpcmdpehdjgfkmknoj"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,67,
6b,65,61,66,65,70,00,00
"pacibphmcolifflenakgfpbcofkfgemn"=hex:64,61,66,63,68,6d,64,66,00,fc
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-03 10:11:09
ComboFix-quarantined-files.txt 2012-08-03 08:11
.
Pre-Run: Volných bajtů: 12 011 368 448
Post-Run: Volných bajtů: 11 799 310 336
.
- - End Of File - - 39CCA1E225E88D9470AD65CAB61A2901

Jurajxxx

Re: Request for a preventive log check

Post by Jurajxxx » 04 Aug 2012 10:41

What next?

Žbeky
Moderator

Re: Request for a preventive log check

Post by Žbeky » 04 Aug 2012 17:09

Test this file on VirusTotal:
c:\windows\system32\ico.exe

Click Choose to the right of the field and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs one after another. When the last antivirus finishes its test, result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.