Slow PC, please check. Thanks


Post by TTT_111 » 22 Oct 2012 12:25

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:23, on 22.10.2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 6802 bytes


Post by memphisto » 22 Oct 2012 12:52

In the log, fix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox, click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the Save Logfile option and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Post by TTT_111 » 23 Oct 2012 11:40

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.10.21.05

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Uživatel :: UŽIVATEL-PC [administrátor]

23.10.2012 11:34:18
mbam-log-2012-10-23 (11-34-18).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 185857
Uplynulý čas: 4 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Post by TTT_111 » 23 Oct 2012 11:41

New HJ log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:20, on 23.10.2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 5945 bytes


Post by memphisto » 23 Oct 2012 14:47

Download TDSSKiller
to your desktop. Make sure you have all other applications and browsers closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt, please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use will be displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that is marked for deletion, simply restart the computer.


Post by TTT_111 » 23 Oct 2012 21:26

21:21:22.0312 4012 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
21:21:22.0499 4012 ============================================================
21:21:22.0499 4012 Current date / time: 2012/10/23 21:21:22.0499
21:21:22.0499 4012 SystemInfo:
21:21:22.0499 4012
21:21:22.0499 4012 OS Version: 6.0.6000 ServicePack: 0.0
21:21:22.0499 4012 Product type: Workstation
21:21:22.0499 4012 ComputerName: UŽIVATEL-PC
21:21:22.0499 4012 UserName: Uživatel
21:21:22.0499 4012 Windows directory: C:\Windows
21:21:22.0499 4012 System windows directory: C:\Windows
21:21:22.0499 4012 Processor architecture: Intel x86
21:21:22.0499 4012 Number of processors: 2
21:21:22.0499 4012 Page size: 0x1000
21:21:22.0499 4012 Boot type: Normal boot
21:21:22.0499 4012 ============================================================
21:21:24.0106 4012 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:21:24.0106 4012 ============================================================
21:21:24.0106 4012 \Device\Harddisk0\DR0:
21:21:24.0106 4012 MBR partitions:
21:21:24.0106 4012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
21:21:24.0106 4012 ============================================================
21:21:24.0137 4012 C: <-> \Device\Harddisk0\DR0\Partition1
21:21:24.0137 4012 ============================================================
21:21:24.0137 4012 Initialize success
21:21:24.0137 4012 ============================================================
21:21:25.0869 3252 ============================================================
21:21:25.0869 3252 Scan started
21:21:25.0869 3252 Mode: Manual;
21:21:25.0869 3252 ============================================================
21:21:29.0145 3252 ================ Scan system memory ========================
21:21:29.0145 3252 System memory - ok
21:21:29.0145 3252 ================ Scan services =============================
21:21:29.0270 3252 [ F11D68E40ED62FDB7C460C445F1EC4E5 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
21:21:29.0270 3252 602XML Updater - ok
21:21:29.0784 3252 [ 4DF5E6215A102A192B2B6DBB61F2FBA5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
21:21:29.0784 3252 Accelerometer - ok
21:21:29.0878 3252 [ 192BDBD1540645C4A2AA69F24CCE197F ] ACPI C:\Windows\system32\drivers\acpi.sys
21:21:29.0878 3252 ACPI - ok
21:21:29.0925 3252 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:21:29.0925 3252 AdobeARMservice - ok
21:21:29.0972 3252 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:21:29.0987 3252 AdobeFlashPlayerUpdateSvc - ok
21:21:30.0018 3252 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:21:30.0018 3252 adp94xx - ok
21:21:30.0065 3252 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:21:30.0065 3252 adpahci - ok
21:21:30.0096 3252 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
21:21:30.0096 3252 adpu160m - ok
21:21:30.0128 3252 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:21:30.0128 3252 adpu320 - ok
21:21:30.0159 3252 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:21:30.0159 3252 AeLookupSvc - ok
21:21:30.0221 3252 [ 20F078136F3BDC4C0405C0527B769303 ] AESTAud C:\Windows\system32\drivers\AESTAud.sys
21:21:30.0237 3252 AESTAud - ok
21:21:30.0330 3252 [ 2DF51AD2961282D68D90A03AC2294194 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe
21:21:30.0330 3252 AESTFilters - ok
21:21:30.0424 3252 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
21:21:30.0424 3252 AFD - ok
21:21:30.0455 3252 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:21:30.0471 3252 agp440 - ok
21:21:30.0502 3252 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
21:21:30.0502 3252 aic78xx - ok
21:21:30.0533 3252 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
21:21:30.0533 3252 ALG - ok
21:21:30.0549 3252 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
21:21:30.0549 3252 aliide - ok
21:21:30.0580 3252 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:21:30.0580 3252 amdagp - ok
21:21:30.0627 3252 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
21:21:30.0627 3252 amdide - ok
21:21:30.0658 3252 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
21:21:30.0658 3252 AmdK7 - ok
21:21:30.0674 3252 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:21:30.0674 3252 AmdK8 - ok
21:21:30.0736 3252 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
21:21:30.0736 3252 Appinfo - ok
21:21:30.0798 3252 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:21:30.0798 3252 Apple Mobile Device - ok
21:21:30.0861 3252 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
21:21:30.0876 3252 arc - ok
21:21:30.0939 3252 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:21:30.0939 3252 arcsas - ok
21:21:30.0986 3252 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:21:30.0986 3252 AsyncMac - ok
21:21:31.0017 3252 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
21:21:31.0017 3252 atapi - ok
21:21:31.0064 3252 [ 99FDF0E65F82C0E47BC04363C09DE146 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
21:21:31.0064 3252 Ati External Event Utility - ok
21:21:31.0376 3252 [ E8044E9976D43B1D00EADE351E447349 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:21:31.0500 3252 atikmdag - ok
21:21:31.0563 3252 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:21:31.0563 3252 AudioEndpointBuilder - ok
21:21:31.0563 3252 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:21:31.0578 3252 Audiosrv - ok
21:21:31.0781 3252 [ D99B2C8C5F2F6EF05590198B0FB4FA1A ] AVerAF15 C:\Windows\system32\Drivers\AVerAF15.sys
21:21:31.0859 3252 AVerAF15 - ok
21:21:31.0968 3252 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
21:21:31.0968 3252 Beep - ok
21:21:32.0000 3252 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
21:21:32.0000 3252 BFE - ok
21:21:32.0046 3252 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
21:21:32.0062 3252 BITS - ok
21:21:32.0062 3252 blbdrive - ok
21:21:32.0124 3252 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:21:32.0124 3252 Bonjour Service - ok
21:21:32.0156 3252 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:21:32.0156 3252 bowser - ok
21:21:32.0187 3252 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
21:21:32.0187 3252 BrFiltLo - ok
21:21:32.0218 3252 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
21:21:32.0218 3252 BrFiltUp - ok
21:21:32.0249 3252 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
21:21:32.0249 3252 Browser - ok
21:21:32.0280 3252 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
21:21:32.0280 3252 Brserid - ok
21:21:32.0296 3252 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
21:21:32.0312 3252 BrSerWdm - ok
21:21:32.0327 3252 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
21:21:32.0327 3252 BrUsbMdm - ok
21:21:32.0327 3252 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
21:21:32.0327 3252 BrUsbSer - ok
21:21:32.0405 3252 [ CF97C2D6A011EE9403B42191B5F95BA8 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
21:21:32.0405 3252 BthEnum - ok
21:21:32.0436 3252 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:21:32.0436 3252 BTHMODEM - ok
21:21:32.0483 3252 [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:21:32.0483 3252 BthPan - ok
21:21:32.0499 3252 [ B4CE8000AAB30A9AB16CD0FB3DB4D7CF ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
21:21:32.0499 3252 BTHPORT - ok
21:21:32.0530 3252 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
21:21:32.0530 3252 BthServ - ok
21:21:32.0546 3252 [ 9A4DDC8544C1459AA2A118A8858DADE3 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
21:21:32.0546 3252 BTHUSB - ok
21:21:32.0561 3252 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:21:32.0561 3252 cdfs - ok
21:21:32.0592 3252 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:21:32.0592 3252 cdrom - ok
21:21:32.0608 3252 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
21:21:32.0608 3252 CertPropSvc - ok
21:21:32.0624 3252 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:21:32.0624 3252 circlass - ok
21:21:32.0670 3252 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
21:21:32.0686 3252 CLFS - ok
21:21:32.0780 3252 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:21:32.0780 3252 clr_optimization_v2.0.50727_32 - ok
21:21:32.0858 3252 [ 0FED59EDB4A83FF17F1778827B88AB1A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:21:32.0858 3252 CmBatt - ok
21:21:32.0889 3252 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:21:32.0889 3252 cmdide - ok
21:21:32.0951 3252 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:21:32.0951 3252 Compbatt - ok
21:21:32.0951 3252 COMSysApp - ok
21:21:32.0967 3252 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:21:32.0967 3252 crcdisk - ok
21:21:32.0998 3252 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
21:21:33.0014 3252 Crusoe - ok
21:21:33.0060 3252 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:21:33.0060 3252 CryptSvc - ok
21:21:33.0123 3252 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
21:21:33.0138 3252 DcomLaunch - ok
21:21:33.0138 3252 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:21:33.0138 3252 DfsC - ok
21:21:33.0341 3252 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
21:21:33.0388 3252 DFSR - ok
21:21:33.0435 3252 [ 17210D8064EC116A3FC6B5E45E577D43 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
21:21:33.0450 3252 Dhcp - ok
21:21:33.0466 3252 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
21:21:33.0466 3252 disk - ok
21:21:44.0199 3252 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:21:44.0214 3252 volsnap - ok
21:21:44.0246 3252 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:21:44.0261 3252 vsmraid - ok
21:21:44.0339 3252 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
21:21:44.0386 3252 VSS - ok
21:21:44.0402 3252 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
21:21:44.0402 3252 W32Time - ok
21:21:44.0433 3252 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:21:44.0433 3252 WacomPen - ok
21:21:44.0464 3252 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:21:44.0464 3252 Wanarp - ok
21:21:44.0464 3252 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:21:44.0480 3252 Wanarpv6 - ok
21:21:44.0495 3252 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:21:44.0495 3252 wcncsvc - ok
21:21:44.0495 3252 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:21:44.0511 3252 WcsPlugInService - ok
21:21:44.0542 3252 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
21:21:44.0542 3252 Wd - ok
21:21:44.0604 3252 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:21:44.0620 3252 Wdf01000 - ok
21:21:44.0651 3252 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:21:44.0651 3252 WdiServiceHost - ok
21:21:44.0651 3252 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:21:44.0651 3252 WdiSystemHost - ok
21:21:44.0682 3252 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
21:21:44.0698 3252 WebClient - ok
21:21:44.0729 3252 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
21:21:44.0729 3252 Wecsvc - ok
21:21:44.0745 3252 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:21:44.0745 3252 wercplsupport - ok
21:21:44.0760 3252 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
21:21:44.0776 3252 WerSvc - ok
21:21:44.0823 3252 [ EC0180032C6D201EF26FAD1A0C14E674 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:21:44.0823 3252 WinDefend - ok
21:21:44.0823 3252 WinHttpAutoProxySvc - ok
21:21:44.0870 3252 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:21:44.0870 3252 Winmgmt - ok
21:21:44.0901 3252 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
21:21:44.0916 3252 WinRM - ok
21:21:44.0932 3252 [ 086D2E78EECD6195667282ADC6CA109F ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
21:21:44.0932 3252 WinUSB - ok
21:21:44.0963 3252 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:21:44.0994 3252 Wlansvc - ok
21:21:45.0010 3252 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:21:45.0010 3252 WmiAcpi - ok
21:21:45.0041 3252 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:21:45.0041 3252 wmiApSrv - ok
21:21:45.0182 3252 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:21:45.0197 3252 WMPNetworkSvc - ok
21:21:45.0228 3252 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:21:45.0228 3252 WPCSvc - ok
21:21:45.0260 3252 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:21:45.0260 3252 WPDBusEnum - ok
21:21:45.0291 3252 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
21:21:45.0306 3252 WpdUsb - ok
21:21:45.0338 3252 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:21:45.0338 3252 ws2ifsl - ok
21:21:45.0353 3252 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
21:21:45.0353 3252 wscsvc - ok
21:21:45.0353 3252 WSearch - ok
21:21:45.0431 3252 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
21:21:45.0478 3252 wuauserv - ok
21:21:45.0494 3252 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:21:45.0494 3252 WUDFRd - ok
21:21:45.0525 3252 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:21:45.0525 3252 wudfsvc - ok
21:21:45.0540 3252 ================ Scan global ===============================
21:21:45.0572 3252 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
21:21:45.0603 3252 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
21:21:45.0603 3252 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
21:21:45.0634 3252 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
21:21:45.0634 3252 [Global] - ok
21:21:45.0634 3252 ================ Scan MBR ==================================
21:21:45.0634 3252 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:21:46.0648 3252 \Device\Harddisk0\DR0 - ok
21:21:46.0648 3252 ================ Scan VBR ==================================
21:21:46.0710 3252 [ 181921BD83A102CF000D7BC6271D5828 ] \Device\Harddisk0\DR0\Partition1
21:21:46.0726 3252 \Device\Harddisk0\DR0\Partition1 - ok
21:21:46.0726 3252 ============================================================
21:21:46.0726 3252 Scan finished
21:21:46.0726 3252 ============================================================
21:21:46.0742 3328 Detected object count: 0
21:21:46.0742 3328 Actual detected object count: 0
21:22:14.0868 1948 Deinitialize success

Post by TTT_111 » 23 Oct 2012 21:39

ComboFix 12-10-23.01 - Uživatel 23.10.2012 21:30:12.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3038.2029 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Windows
c:\programdata\windows\dsdd.dat
c:\programdata\Windows\nudr.dat
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-23 do 2012-10-23 )))))))))))))))))))))))))))))))
.
.
2012-10-23 09:42 . 2012-10-23 09:42 -------- d-----w- c:\users\Uživatel\AppData\Local\Adobe
2012-10-23 09:32 . 2012-10-17 00:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2AA26FC9-6099-44E1-B9AA-D4AD9730F419}\mpengine.dll
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-22 10:20 . 2012-10-22 10:20 -------- d-----w- c:\program files\Trend Micro
2012-10-22 09:52 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-20 20:57 . 2012-02-26 22:15 55144 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report09b28a44\AppleMobileDeviceService.exe
2012-10-20 20:38 . 2006-11-02 09:45 62976 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report074fe233\smss.exe
2012-10-08 21:38 . 2012-10-08 21:39 -------- d-----w- c:\users\Uživatel\AppData\Roaming\pdfforge
2012-10-08 21:37 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-10-08 21:37 . 2012-07-29 11:59 81920 ----a-w- c:\windows\system32\pdfcmon.dll
2012-10-08 21:37 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2012-10-08 21:37 . 2012-10-08 21:38 -------- d-----w- c:\program files\PDFCreator
2012-10-08 21:37 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-10-01 12:03 . 2012-10-01 12:03 -------- d-----w- c:\program files\Common Files\Java
2012-10-01 11:45 . 2012-10-01 11:45 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-10 14:37 . 2012-04-02 21:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-10 14:37 . 2012-04-02 21:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-01 12:02 . 2012-08-15 06:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-01 12:02 . 2012-04-05 22:17 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-29 17:54 . 2012-04-10 09:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17149576]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-28 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-30 1529128]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-02-22 483420]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
.
c:\users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [x]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-AESTFltr - c:\windows\system32\AESTFltr.exe
AddRemove-AVerMedia A309 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A309 (MiniCard
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-23 21:34
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(648)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2012-10-23 21:36:49
ComboFix-quarantined-files.txt 2012-10-23 19:36
.
Před spuštěním: Volných bajtů: 440 949 530 624
Po spuštění: Volných bajtů: 440 909 639 680
.
- - End Of File - - 7E9B4DE8BC73CB474B88E0C2E0A44614

Post by Žbeky » 24 Oct 2012 17:56

Where is your antivirus?

Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::

Folder::
c:\programdata\McAfee

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Drag the created script CFScript.txt with the mouse over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process

Post by TTT_111 » 26 Oct 2012 15:36

ComboFix 12-10-23.01 - Uživatel 26.10.2012 14:32:10.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3038.2113 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\U×ivatel\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-26 do 2012-10-26 )))))))))))))))))))))))))))))))
.
.
2012-10-26 12:36 . 2012-10-26 12:36 -------- d-----w- c:\users\Uživatel\AppData\Local\temp
2012-10-26 12:36 . 2012-10-26 12:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-24 19:33 . 2012-10-24 19:33 -------- d-----w- c:\users\Uživatel\AppData\Local\Apple
2012-10-23 19:41 . 2012-10-23 19:41 -------- d-----w- c:\windows\Sun
2012-10-23 09:42 . 2012-10-23 09:42 -------- d-----w- c:\users\Uživatel\AppData\Local\Adobe
2012-10-23 09:32 . 2012-10-17 00:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2AA26FC9-6099-44E1-B9AA-D4AD9730F419}\mpengine.dll
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-22 10:20 . 2012-10-22 10:20 -------- d-----w- c:\program files\Trend Micro
2012-10-22 09:52 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-20 20:57 . 2012-02-26 22:15 55144 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report09b28a44\AppleMobileDeviceService.exe
2012-10-20 20:38 . 2006-11-02 09:45 62976 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report074fe233\smss.exe
2012-10-08 21:38 . 2012-10-08 21:39 -------- d-----w- c:\users\Uživatel\AppData\Roaming\pdfforge
2012-10-08 21:37 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-10-08 21:37 . 2012-07-29 11:59 81920 ----a-w- c:\windows\system32\pdfcmon.dll
2012-10-08 21:37 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2012-10-08 21:37 . 2012-10-08 21:38 -------- d-----w- c:\program files\PDFCreator
2012-10-08 21:37 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-10-01 12:03 . 2012-10-01 12:03 -------- d-----w- c:\program files\Common Files\Java
2012-10-01 11:45 . 2012-10-01 11:45 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-22 10:20 . 2012-10-22 10:20 388096 ----a-r- c:\users\Uživatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-10 14:37 . 2012-04-02 21:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-10 14:37 . 2012-04-02 21:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-01 12:02 . 2012-08-15 06:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-01 12:02 . 2012-04-05 22:17 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-29 17:54 . 2012-04-10 09:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17149576]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-28 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-30 1529128]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-02-22 483420]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
.
c:\users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [x]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-26 14:36
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(652)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(4956)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Celkový čas: 2012-10-26 14:38:45
ComboFix-quarantined-files.txt 2012-10-26 12:38
ComboFix2.txt 2012-10-23 19:36
.
Před spuštěním: Volných bajtů: 436 902 146 048
Po spuštění: Volných bajtů: 439 185 154 048
.
- - End Of File - - 778FB9AEC1733FB25BAC458EF8685D95

Post by Orcus » 26 Oct 2012 19:24

Žbeky wrote: Where is your antivirus?

Post by TTT_111 » 26 Oct 2012 20:39

I've had it uninstalled for quite a while now.

Post by memphisto » 26 Oct 2012 22:46

Nothing was carried out. Run it again in safe mode. An antivirus is important...