Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:24, on 20.8.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\EDIMAX\Common\RaUI.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\My Documents\Downloads\HijackThis.exe
C:\Program Files\FarmHelper\FarmHelper.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/batchwork/{0F7E5077-734F-4BA1-8194-DFEF411D3412}
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\DealBulldog Toolbar\tbhelper.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
--
End of file - 10467 bytes
Dakujem za pomoc
prosim o kontrolu logu Vyřešeno
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu
Máš dva antiviry!! AVG a AVAST. jeden odinstaluj a ponechej jen jeden!!
Odinstaluj:
DealBulldog Toolbar
Babylon Toolbar
ICQ Toolbar
sweetIM Toolbar
Google Toolbar
v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/batchwork/{0F7E5077-734F-4BA1-8194-DFEF411D3412}
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\DealBulldog Toolbar\tbhelper.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
Odinstaluj:
DealBulldog Toolbar
Babylon Toolbar
ICQ Toolbar
sweetIM Toolbar
Google Toolbar
v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/batchwork/{0F7E5077-734F-4BA1-8194-DFEF411D3412}
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\DealBulldog Toolbar\tbhelper.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: prosim o kontrolu logu
Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org
Verzia databázy: v2012.08.20.07
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Ľuba :: LUBA [administrátor]
Ochrana: Zapnuté
20.8.2012 15:54:34
mbam-log-2012-08-20 (16-04-07).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 176301
Uplynutý čas: 8 min, 37 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Adware.GamePlayLabs) -> Žiadna úloha nevykonaná.
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 3
C:\Documents and Settings\Ľuba\My Documents\Downloads\Webfetti.exe (PUP.FunWebProducts) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Ľuba\My Documents\Downloads\installfreefileopener_553.exe (PUP.BundleOffers.IIQ) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Ľuba\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Žiadna úloha nevykonaná.
(koniec)
www.malwarebytes.org
Verzia databázy: v2012.08.20.07
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Ľuba :: LUBA [administrátor]
Ochrana: Zapnuté
20.8.2012 15:54:34
mbam-log-2012-08-20 (16-04-07).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 176301
Uplynutý čas: 8 min, 37 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Adware.GamePlayLabs) -> Žiadna úloha nevykonaná.
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 3
C:\Documents and Settings\Ľuba\My Documents\Downloads\Webfetti.exe (PUP.FunWebProducts) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Ľuba\My Documents\Downloads\installfreefileopener_553.exe (PUP.BundleOffers.IIQ) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Ľuba\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Žiadna úloha nevykonaná.
(koniec)
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu
Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: prosim o kontrolu logu
Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org
Verzia databázy: v2012.08.20.07
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Ľuba :: LUBA [administrátor]
Ochrana: Zapnuté
20.8.2012 16:50:01
mbam-log-2012-08-20 (16-50-01).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 176219
Uplynutý čas: 8 min, 35 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 0
(Škodlivé položky neboli zistené)
(koniec)
www.malwarebytes.org
Verzia databázy: v2012.08.20.07
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Ľuba :: LUBA [administrátor]
Ochrana: Zapnuté
20.8.2012 16:50:01
mbam-log-2012-08-20 (16-50-01).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 176219
Uplynutý čas: 8 min, 35 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 0
(Škodlivé položky neboli zistené)
(koniec)
Re: prosim o kontrolu logu
ComboFix 12-08-20.01 - Ľuba 20.08.2012 17:24:06.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1014.570 [GMT 2:00]
Running from: c:\documents and settings\-uba\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\system32\Cache
c:\windows\system32\Cache\02c9ce2a17ffa806.fb
c:\windows\system32\Cache\270c31f01aa83dd8.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5dc9edb112b6fb83.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\9c94f18cd8110271.fb
c:\windows\system32\Cache\a2e1db1caa7ff85f.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\cf286427a617be01.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\MUI\041b\tourstart.exe
D:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))
.
.
2012-08-20 15:34 . 2004-08-03 22:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\documents and settings\Ľuba\Application Data\Malwarebytes
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-20 13:52 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-04 09:29 . 2012-08-04 10:06 -------- d-----w- c:\program files\VS Revo Group
2012-07-29 12:27 . 2012-07-29 12:27 -------- d-----w- c:\documents and settings\Ľuba\Application Data\Goodsol
2012-07-29 12:26 . 2000-05-22 13:58 244416 ----a-w- c:\windows\system32\msflxgrd.ocx
2012-07-29 12:26 . 2000-05-22 13:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 16:46 . 2012-06-07 20:09 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 16:46 . 2011-11-25 17:19 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-28 13:50 . 2011-05-03 09:42 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-04-21 01:18 . 2012-05-23 17:55 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-09 21:59 2074208 ----a-w- c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-09 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Utility.lnk - c:\program files\EDIMAX\Common\RaUI.exe [2011-5-3 1642496]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
2012-03-06 23:15 4241512 ----a-w- c:\program files\AVAST Software\Avast\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVFX Engine]
2006-06-08 23:11 24576 ------w- c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-03 16:06 1848648 -c--a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-10 16:20 689488 -c--a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 22:56 15360 -c--a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-14 18:28 136176 ----atw- c:\documents and settings\Ľuba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-03 23:06 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2011-12-05 11:42 114992 -c--a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Antivirus"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Documents and Settings\\Ľuba\\My Documents\\Downloads\\SweetImSetup.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Documents and Settings\\Ľuba\\My Documents\\Downloads\\SweetIMSetup (2).exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [11.7.2011 1:13 31952]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.4.2011 22:05 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.4.2011 22:05 337880]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11.7.2011 1:13 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 1:14 301248]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.4.2011 22:05 20696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4.7.2012 17:25 5160568]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [20.8.2012 15:52 655944]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [23.12.2011 13:22 19072]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [9.7.2012 23:59 935008]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20.8.2012 15:52 22344]
S2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\drivers\Ca1528av.sys [20.5.2012 7:40 516480]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.6.2012 22:09 250056]
S3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\drivers\Bulk1528.sys [20.5.2012 7:40 14080]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys --> c:\windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys --> c:\windows\system32\DRIVERS\ew_jubusenum.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [23.5.2012 19:55 129976]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-07 16:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
uSearch Page =
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Ľuba\Application Data\Mozilla\Firefox\Profiles\uak0jerg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p=
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
MSConfigStartUp-Creative Live! Cam Manager - c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
MSConfigStartUp-V0250Mon - c:\windows\V0250Mon.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-20 17:35
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACDaemon]
"ImagePath"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AegisP]
"ImagePath"="system32\DRIVERS\AegisP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Afc]
"ImagePath"="system32\drivers\Afc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_2.0.50727]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswFsBlk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswRdr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSnx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avast! Antivirus]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avg]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSAgent]
"ImagePath"="\"c:\program files\AVG\AVG2012\AVGIDSAgent.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdriverx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSFilter]
"ImagePath"="system32\DRIVERS\avgidsfilterx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSHX]
"ImagePath"="system32\DRIVERS\avgidshx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSShim]
"ImagePath"="system32\DRIVERS\avgidsshimx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgldx86]
"ImagePath"="system32\DRIVERS\avgldx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgmfx86]
"ImagePath"="system32\DRIVERS\avgmfx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgrkx86]
"ImagePath"="system32\DRIVERS\avgrkx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgtdix]
"ImagePath"="system32\DRIVERS\avgtdix.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avgwd]
"ImagePath"="\"c:\program files\AVG\AVG2012\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="c:\windows\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthEnum]
"ImagePath"="system32\DRIVERS\BthEnum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthPan]
"ImagePath"="system32\DRIVERS\bthpan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHPORT]
"ImagePath"="System32\Drivers\BTHport.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthServ]
"ServiceDll"="%SystemRoot%\System32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHUSB]
"ImagePath"="System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Bulk1528]
"ImagePath"="System32\Drivers\Bulk1528.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ca1528av]
"ImagePath"="System32\Drivers\Ca1528av.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\UBA~1\LOCALS~1\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ewusbnet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ew_hwusbdev]
"ImagePath"="system32\DRIVERS\ew_hwusbdev.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\DRIVERS\fltMgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\huawei_enumerator]
"ImagePath"="system32\DRIVERS\ew_jubusenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\huawei_update]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hwdatacard]
"ImagePath"="system32\DRIVERS\ewusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hwusbdev]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ialm]
"ImagePath"="system32\DRIVERS\igxpmp32.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ip6Fw]
"ImagePath"="system32\DRIVERS\Ip6Fw.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\irda]
"ImagePath"="system32\DRIVERS\irda.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Irmon]
"ServiceDll"="%SystemRoot%\System32\irmon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\irsir]
"ImagePath"="system32\DRIVERS\irsir.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\JavaQuickStarterService]
"ImagePath"="\"c:\program files\Java\jre6\bin\jqs.exe\" -service -config \"c:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\system32\mnmsrvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MozillaMaintenance]
"ImagePath"="c:\program files\Mozilla Maintenance Service\maintenanceservice.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\system32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Outlook]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
"ImagePath"="system32\DRIVERS\parport.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RalinkRegistryWriter]
"ImagePath"="c:\program files\EDIMAX\Common\RalinkRegistryWriter.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasirda]
"ImagePath"="system32\DRIVERS\rasirda.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RFCOMM]
"ImagePath"="system32\DRIVERS\rfcomm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rt2870]
"ImagePath"="system32\DRIVERS\rt2870.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RTLE8023xp]
"ImagePath"="system32\DRIVERS\Rtenicxp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Scutum50]
"ImagePath"="System32\Drivers\Scutum50.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\System32\sens.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="c:\windows\system32\srsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{E2FDC6AB-7DAB-4F4D-AC54-06054DE5B184}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TlntSvr]
"ImagePath"="c:\windows\system32\tlntsvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USB_RNDIS]
"ImagePath"="system32\DRIVERS\usb8023k.sys"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater11.2.0]
"ImagePath"="c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="c:\windows\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\mspmsnsv.dll"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{3535683E-9A55-47C0-8AA6-DC07B3CAF13C}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{3F82311E-7F4D-4324-9415-7CE3491DCA1A}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{4265C097-5C32-4770-8CA8-A1BD8B46C4ED}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{C994163F-38A7-4A53-A9FC-FBCB5CC817B7}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{D6A0B452-F621-4E59-8559-E9EA68743542}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FC53160E-1E2B-4A36-8711-79D090D44C1B}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FCA19A71-CC33-4D7E-9D45-6E6FABF83A52}]
.
Completion time: 2012-08-20 17:38:07
ComboFix-quarantined-files.txt 2012-08-20 15:38
.
Pre-Run: 1 231 491 072 bytes free
Post-Run: 1 214 480 384 voľných bajtov
.
- - End Of File - - 8640BD1B5CD908D89BBF5BFDF7EA9DBD
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1014.570 [GMT 2:00]
Running from: c:\documents and settings\-uba\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\system32\Cache
c:\windows\system32\Cache\02c9ce2a17ffa806.fb
c:\windows\system32\Cache\270c31f01aa83dd8.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5dc9edb112b6fb83.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\9c94f18cd8110271.fb
c:\windows\system32\Cache\a2e1db1caa7ff85f.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\cf286427a617be01.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\MUI\041b\tourstart.exe
D:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))
.
.
2012-08-20 15:34 . 2004-08-03 22:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\documents and settings\Ľuba\Application Data\Malwarebytes
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-20 13:52 . 2012-08-20 13:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-20 13:52 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-04 09:29 . 2012-08-04 10:06 -------- d-----w- c:\program files\VS Revo Group
2012-07-29 12:27 . 2012-07-29 12:27 -------- d-----w- c:\documents and settings\Ľuba\Application Data\Goodsol
2012-07-29 12:26 . 2000-05-22 13:58 244416 ----a-w- c:\windows\system32\msflxgrd.ocx
2012-07-29 12:26 . 2000-05-22 13:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 16:46 . 2012-06-07 20:09 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 16:46 . 2011-11-25 17:19 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-28 13:50 . 2011-05-03 09:42 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-04-21 01:18 . 2012-05-23 17:55 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-09 21:59 2074208 ----a-w- c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-09 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Utility.lnk - c:\program files\EDIMAX\Common\RaUI.exe [2011-5-3 1642496]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
2012-03-06 23:15 4241512 ----a-w- c:\program files\AVAST Software\Avast\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVFX Engine]
2006-06-08 23:11 24576 ------w- c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-03 16:06 1848648 -c--a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-10 16:20 689488 -c--a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 22:56 15360 -c--a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-14 18:28 136176 ----atw- c:\documents and settings\Ľuba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-03 23:06 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2011-12-05 11:42 114992 -c--a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Antivirus"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Documents and Settings\\Ľuba\\My Documents\\Downloads\\SweetImSetup.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Documents and Settings\\Ľuba\\My Documents\\Downloads\\SweetIMSetup (2).exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [11.7.2011 1:13 31952]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.4.2011 22:05 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.4.2011 22:05 337880]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11.7.2011 1:13 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 1:14 301248]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.4.2011 22:05 20696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4.7.2012 17:25 5160568]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [20.8.2012 15:52 655944]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [23.12.2011 13:22 19072]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [9.7.2012 23:59 935008]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20.8.2012 15:52 22344]
S2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\drivers\Ca1528av.sys [20.5.2012 7:40 516480]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.6.2012 22:09 250056]
S3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\drivers\Bulk1528.sys [20.5.2012 7:40 14080]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys --> c:\windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys --> c:\windows\system32\DRIVERS\ew_jubusenum.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [23.5.2012 19:55 129976]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-07 16:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
uSearch Page =
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Ľuba\Application Data\Mozilla\Firefox\Profiles\uak0jerg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p=
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
MSConfigStartUp-Creative Live! Cam Manager - c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
MSConfigStartUp-V0250Mon - c:\windows\V0250Mon.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-20 17:35
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACDaemon]
"ImagePath"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AegisP]
"ImagePath"="system32\DRIVERS\AegisP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Afc]
"ImagePath"="system32\drivers\Afc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_2.0.50727]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswFsBlk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswRdr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSnx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avast! Antivirus]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avg]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSAgent]
"ImagePath"="\"c:\program files\AVG\AVG2012\AVGIDSAgent.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdriverx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSFilter]
"ImagePath"="system32\DRIVERS\avgidsfilterx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSHX]
"ImagePath"="system32\DRIVERS\avgidshx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSShim]
"ImagePath"="system32\DRIVERS\avgidsshimx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgldx86]
"ImagePath"="system32\DRIVERS\avgldx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgmfx86]
"ImagePath"="system32\DRIVERS\avgmfx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgrkx86]
"ImagePath"="system32\DRIVERS\avgrkx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgtdix]
"ImagePath"="system32\DRIVERS\avgtdix.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avgwd]
"ImagePath"="\"c:\program files\AVG\AVG2012\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="c:\windows\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthEnum]
"ImagePath"="system32\DRIVERS\BthEnum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthPan]
"ImagePath"="system32\DRIVERS\bthpan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHPORT]
"ImagePath"="System32\Drivers\BTHport.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BthServ]
"ServiceDll"="%SystemRoot%\System32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHUSB]
"ImagePath"="System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Bulk1528]
"ImagePath"="System32\Drivers\Bulk1528.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ca1528av]
"ImagePath"="System32\Drivers\Ca1528av.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\UBA~1\LOCALS~1\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ewusbnet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ew_hwusbdev]
"ImagePath"="system32\DRIVERS\ew_hwusbdev.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\DRIVERS\fltMgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\huawei_enumerator]
"ImagePath"="system32\DRIVERS\ew_jubusenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\huawei_update]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hwdatacard]
"ImagePath"="system32\DRIVERS\ewusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hwusbdev]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ialm]
"ImagePath"="system32\DRIVERS\igxpmp32.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ip6Fw]
"ImagePath"="system32\DRIVERS\Ip6Fw.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\irda]
"ImagePath"="system32\DRIVERS\irda.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Irmon]
"ServiceDll"="%SystemRoot%\System32\irmon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\irsir]
"ImagePath"="system32\DRIVERS\irsir.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\JavaQuickStarterService]
"ImagePath"="\"c:\program files\Java\jre6\bin\jqs.exe\" -service -config \"c:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\system32\mnmsrvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MozillaMaintenance]
"ImagePath"="c:\program files\Mozilla Maintenance Service\maintenanceservice.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\system32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Outlook]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
"ImagePath"="system32\DRIVERS\parport.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RalinkRegistryWriter]
"ImagePath"="c:\program files\EDIMAX\Common\RalinkRegistryWriter.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasirda]
"ImagePath"="system32\DRIVERS\rasirda.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RFCOMM]
"ImagePath"="system32\DRIVERS\rfcomm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rt2870]
"ImagePath"="system32\DRIVERS\rt2870.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RTLE8023xp]
"ImagePath"="system32\DRIVERS\Rtenicxp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Scutum50]
"ImagePath"="System32\Drivers\Scutum50.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\System32\sens.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="c:\windows\system32\srsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{E2FDC6AB-7DAB-4F4D-AC54-06054DE5B184}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TlntSvr]
"ImagePath"="c:\windows\system32\tlntsvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USB_RNDIS]
"ImagePath"="system32\DRIVERS\usb8023k.sys"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater11.2.0]
"ImagePath"="c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="c:\windows\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\mspmsnsv.dll"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{3535683E-9A55-47C0-8AA6-DC07B3CAF13C}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{3F82311E-7F4D-4324-9415-7CE3491DCA1A}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{4265C097-5C32-4770-8CA8-A1BD8B46C4ED}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{C994163F-38A7-4A53-A9FC-FBCB5CC817B7}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{D6A0B452-F621-4E59-8559-E9EA68743542}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FC53160E-1E2B-4A36-8711-79D090D44C1B}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FCA19A71-CC33-4D7E-9D45-6E6FABF83A52}]
.
Completion time: 2012-08-20 17:38:07
ComboFix-quarantined-files.txt 2012-08-20 15:38
.
Pre-Run: 1 231 491 072 bytes free
Post-Run: 1 214 480 384 voľných bajtov
.
- - End Of File - - 8640BD1B5CD908D89BBF5BFDF7EA9DBD
Re: prosim o kontrolu logu
20:00:50.0750 1856 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
20:00:51.0000 1856 ============================================================
20:00:51.0000 1856 Current date / time: 2012/08/20 20:00:51.0000
20:00:51.0000 1856 SystemInfo:
20:00:51.0000 1856
20:00:51.0000 1856 OS Version: 5.1.2600 ServicePack: 2.0
20:00:51.0000 1856 Product type: Workstation
20:00:51.0000 1856 ComputerName: LUBA
20:00:51.0015 1856 UserName: Ľuba
20:00:51.0015 1856 Windows directory: C:\WINDOWS
20:00:51.0015 1856 System windows directory: C:\WINDOWS
20:00:51.0015 1856 Processor architecture: Intel x86
20:00:51.0015 1856 Number of processors: 2
20:00:51.0015 1856 Page size: 0x1000
20:00:51.0015 1856 Boot type: Normal boot
20:00:51.0015 1856 ============================================================
20:00:54.0234 1856 Drive \Device\Harddisk0\DR0 - Size: 0x4DA9EA000 (19.42 Gb), SectorSize: 0x200, Cylinders: 0x9E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:00:54.0234 1856 Drive \Device\Harddisk1\DR1 - Size: 0xDF8475800 (55.88 Gb), SectorSize: 0x200, Cylinders: 0x1C7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:00:54.0234 1856 ============================================================
20:00:54.0234 1856 \Device\Harddisk0\DR0:
20:00:54.0234 1856 MBR partitions:
20:00:54.0234 1856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x26CEB66
20:00:54.0234 1856 \Device\Harddisk1\DR1:
20:00:54.0234 1856 MBR partitions:
20:00:54.0250 1856 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x6FBBFFE
20:00:54.0250 1856 ============================================================
20:00:54.0265 1856 D: <-> \Device\Harddisk1\DR1\Partition1
20:00:54.0296 1856 C: <-> \Device\Harddisk0\DR0\Partition1
20:00:54.0296 1856 ============================================================
20:00:54.0296 1856 Initialize success
20:00:54.0296 1856 ============================================================
20:00:59.0093 1860 ============================================================
20:00:59.0093 1860 Scan started
20:00:59.0093 1860 Mode: Manual;
20:00:59.0093 1860 ============================================================
20:01:00.0921 1860 ================ Scan system memory ========================
20:01:00.0921 1860 System memory - ok
20:01:00.0921 1860 ================ Scan services =============================
20:01:01.0015 1860 Abiosdsk - ok
20:01:01.0015 1860 abp480n5 - ok
20:01:01.0187 1860 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:01:01.0187 1860 ACDaemon - ok
20:01:01.0250 1860 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:01:01.0250 1860 ACPI - ok
20:01:01.0296 1860 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:01:01.0312 1860 ACPIEC - ok
20:01:01.0406 1860 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:01:01.0406 1860 AdobeFlashPlayerUpdateSvc - ok
20:01:01.0421 1860 adpu160m - ok
20:01:01.0437 1860 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:01:01.0437 1860 aec - ok
20:01:01.0484 1860 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:01:01.0484 1860 AegisP - ok
20:01:01.0531 1860 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\WINDOWS\system32\drivers\Afc.sys
20:01:01.0562 1860 Afc - ok
20:01:01.0609 1860 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:01:01.0609 1860 AFD - ok
20:01:01.0609 1860 Aha154x - ok
20:01:01.0625 1860 aic78u2 - ok
20:01:01.0625 1860 aic78xx - ok
20:01:01.0671 1860 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:01:01.0671 1860 Alerter - ok
20:01:01.0718 1860 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
20:01:01.0718 1860 ALG - ok
20:01:01.0718 1860 AliIde - ok
20:01:01.0718 1860 amsint - ok
20:01:01.0765 1860 [ 9C3C12975C97119412802B181FBEEFFE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:01:01.0765 1860 AppMgmt - ok
20:01:01.0765 1860 asc - ok
20:01:01.0781 1860 asc3350p - ok
20:01:01.0781 1860 asc3550 - ok
20:01:01.0921 1860 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:01:02.0000 1860 aspnet_state - ok
20:01:02.0046 1860 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:01:02.0046 1860 AsyncMac - ok
20:01:02.0062 1860 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:01:02.0062 1860 atapi - ok
20:01:02.0062 1860 Atdisk - ok
20:01:02.0109 1860 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:01:02.0109 1860 Atmarpc - ok
20:01:02.0140 1860 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:01:02.0140 1860 AudioSrv - ok
20:01:02.0187 1860 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:01:02.0187 1860 audstub - ok
20:01:02.0437 1860 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:01:02.0609 1860 AVGIDSAgent - ok
20:01:02.0656 1860 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
20:01:02.0671 1860 AVGIDSDriver - ok
20:01:02.0703 1860 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
20:01:02.0703 1860 AVGIDSFilter - ok
20:01:02.0718 1860 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
20:01:02.0718 1860 AVGIDSHX - ok
20:01:02.0781 1860 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
20:01:02.0781 1860 AVGIDSShim - ok
20:01:02.0843 1860 [ DDA6A2A18841E4C9172BB85958B8D948 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
20:01:02.0859 1860 Avgldx86 - ok
20:01:02.0906 1860 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
20:01:02.0906 1860 Avgmfx86 - ok
20:01:02.0906 1860 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
20:01:02.0906 1860 Avgrkx86 - ok
20:01:02.0937 1860 [ 1263F2554ACE925C237A40B4C568D815 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
20:01:02.0953 1860 Avgtdix - ok
20:01:02.0984 1860 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:01:03.0000 1860 avgwd - ok
20:01:03.0062 1860 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:01:03.0062 1860 Beep - ok
20:01:03.0109 1860 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\system32\qmgr.dll
20:01:03.0171 1860 BITS - ok
20:01:03.0218 1860 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
20:01:03.0218 1860 Browser - ok
20:01:03.0265 1860 [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:01:03.0265 1860 BthEnum - ok
20:01:03.0296 1860 [ 10355270BE12641B9764235DA39DCF0F ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:01:03.0296 1860 BthPan - ok
20:01:03.0328 1860 [ 30B76EC553B202890E90A93A4E1A27B5 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
20:01:03.0343 1860 BTHPORT - ok
20:01:03.0375 1860 [ A18CC8C9B3890B1B68BED213716FEF6B ] BthServ C:\WINDOWS\System32\bthserv.dll
20:01:03.0375 1860 BthServ - ok
20:01:03.0406 1860 [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:01:03.0406 1860 BTHUSB - ok
20:01:03.0468 1860 [ A775A7DC5F5D121E566F5F12B341E0EE ] Bulk1528 C:\WINDOWS\system32\Drivers\Bulk1528.sys
20:01:03.0781 1860 Bulk1528 - ok
20:01:03.0843 1860 [ 94BF1CD4CDF4B02BE835D78CA5104734 ] Ca1528av C:\WINDOWS\system32\Drivers\Ca1528av.sys
20:01:03.0906 1860 Ca1528av - ok
20:01:04.0062 1860 catchme - ok
20:01:04.0093 1860 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:01:04.0109 1860 cbidf2k - ok
20:01:04.0140 1860 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:01:04.0140 1860 CCDECODE - ok
20:01:04.0140 1860 cd20xrnt - ok
20:01:04.0171 1860 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:01:04.0171 1860 Cdaudio - ok
20:01:04.0234 1860 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:01:04.0234 1860 Cdfs - ok
20:01:04.0281 1860 [ 7B53584D94E9D8716B2DE91D5F1CB42D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:01:04.0390 1860 Cdrom - ok
20:01:04.0406 1860 Changer - ok
20:01:04.0453 1860 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:01:04.0453 1860 CiSvc - ok
20:01:04.0484 1860 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:01:04.0484 1860 ClipSrv - ok
20:01:04.0515 1860 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:04.0609 1860 clr_optimization_v2.0.50727_32 - ok
20:01:04.0609 1860 CmdIde - ok
20:01:04.0625 1860 COMSysApp - ok
20:01:04.0640 1860 Cpqarray - ok
20:01:04.0687 1860 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:01:04.0687 1860 CryptSvc - ok
20:01:04.0687 1860 dac2w2k - ok
20:01:04.0703 1860 dac960nt - ok
20:01:04.0734 1860 [ 5C83A4408604F737717AB96371201680 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:01:04.0796 1860 DcomLaunch - ok
20:01:04.0812 1860 [ CB6CA3E5261D65F6F809EED23BF167AA ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:01:04.0828 1860 Dhcp - ok
20:01:04.0875 1860 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:01:04.0875 1860 Disk - ok
20:01:04.0890 1860 dmadmin - ok
20:01:04.0953 1860 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:01:04.0984 1860 dmboot - ok
20:01:05.0031 1860 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:01:05.0031 1860 dmio - ok
20:01:05.0078 1860 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:01:05.0078 1860 dmload - ok
20:01:05.0140 1860 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
20:01:05.0140 1860 dmserver - ok
20:01:05.0187 1860 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:01:05.0187 1860 DMusic - ok
20:01:05.0203 1860 [ 7379DE06FD196E396A00AA97B990C00D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:01:05.0203 1860 Dnscache - ok
20:01:05.0203 1860 dpti2o - ok
20:01:05.0265 1860 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:01:05.0265 1860 drmkaud - ok
20:01:05.0328 1860 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:01:05.0328 1860 ERSvc - ok
20:01:05.0390 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] Eventlog C:\WINDOWS\system32\services.exe
20:01:05.0390 1860 Eventlog - ok
20:01:05.0437 1860 [ ACD36A2DD7D1E9D8A060AA651DC07E63 ] EventSystem C:\WINDOWS\system32\es.dll
20:01:05.0453 1860 EventSystem - ok
20:01:05.0453 1860 ew_hwusbdev - ok
20:01:05.0484 1860 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:01:05.0484 1860 Fastfat - ok
20:01:05.0500 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:01:05.0500 1860 FastUserSwitchingCompatibility - ok
20:01:05.0531 1860 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:01:05.0531 1860 Fdc - ok
20:01:05.0578 1860 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:01:05.0578 1860 Fips - ok
20:01:05.0578 1860 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:01:05.0578 1860 Flpydisk - ok
20:01:05.0640 1860 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:01:05.0640 1860 FltMgr - ok
20:01:05.0656 1860 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:01:05.0656 1860 Fs_Rec - ok
20:01:05.0671 1860 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:01:05.0671 1860 Ftdisk - ok
20:01:05.0718 1860 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:01:05.0718 1860 Gpc - ok
20:01:05.0796 1860 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:01:05.0796 1860 HDAudBus - ok
20:01:05.0859 1860 helpsvc - ok
20:01:05.0859 1860 HidServ - ok
20:01:05.0921 1860 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:01:05.0921 1860 HidUsb - ok
20:01:05.0937 1860 hpn - ok
20:01:06.0000 1860 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:01:06.0015 1860 HTTP - ok
20:01:06.0062 1860 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:01:06.0062 1860 HTTPFilter - ok
20:01:06.0062 1860 huawei_enumerator - ok
20:01:06.0078 1860 hwdatacard - ok
20:01:06.0078 1860 i2omgmt - ok
20:01:06.0093 1860 i2omp - ok
20:01:06.0125 1860 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:01:06.0125 1860 i8042prt - ok
20:01:06.0390 1860 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:01:06.0578 1860 ialm - ok
20:01:06.0625 1860 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:01:06.0625 1860 Imapi - ok
20:01:06.0687 1860 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:01:06.0703 1860 ImapiService - ok
20:01:06.0703 1860 ini910u - ok
20:01:06.0875 1860 [ 811B31E0E0AC7BE484EFBFFC42AFCBBE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:01:07.0046 1860 IntcAzAudAddService - ok
20:01:07.0046 1860 IntelIde - ok
20:01:07.0093 1860 [ 279FB78702454DFF2BB445F238C048D2 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:01:07.0093 1860 intelppm - ok
20:01:07.0125 1860 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:01:07.0125 1860 Ip6Fw - ok
20:01:07.0171 1860 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:01:07.0171 1860 IpFilterDriver - ok
20:01:07.0187 1860 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:01:07.0187 1860 IpInIp - ok
20:01:07.0265 1860 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:01:07.0265 1860 IpNat - ok
20:01:07.0281 1860 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:01:07.0281 1860 IPSec - ok
20:01:07.0328 1860 [ 86C204836FEEC22510D434982D4221B8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
20:01:07.0328 1860 irda - ok
20:01:07.0390 1860 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:01:07.0390 1860 IRENUM - ok
20:01:07.0406 1860 [ A02512C315C84F475BD89F847048B27B ] Irmon C:\WINDOWS\System32\irmon.dll
20:01:07.0406 1860 Irmon - ok
20:01:07.0453 1860 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
20:01:07.0468 1860 irsir - ok
20:01:07.0468 1860 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:01:07.0484 1860 isapnp - ok
20:01:07.0625 1860 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:01:07.0625 1860 JavaQuickStarterService - ok
20:01:07.0671 1860 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:01:07.0671 1860 Kbdclass - ok
20:01:07.0734 1860 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:01:07.0734 1860 kbdhid - ok
20:01:07.0750 1860 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:01:07.0750 1860 kmixer - ok
20:01:07.0812 1860 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:01:07.0828 1860 KSecDD - ok
20:01:07.0875 1860 [ 93D32468D34E000CB3407947D1D6E22A ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:01:07.0875 1860 lanmanserver - ok
20:01:07.0937 1860 [ 2C0A7B2AE9C26F2C163627679B42783C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:01:07.0937 1860 lanmanworkstation - ok
20:01:07.0953 1860 lbrtfdc - ok
20:01:08.0000 1860 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:01:08.0000 1860 LmHosts - ok
20:01:08.0062 1860 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
20:01:08.0062 1860 MBAMProtector - ok
20:01:08.0187 1860 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:01:08.0203 1860 MBAMService - ok
20:01:08.0234 1860 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:01:08.0234 1860 Messenger - ok
20:01:08.0281 1860 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:01:08.0281 1860 mnmdd - ok
20:01:08.0328 1860 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:01:08.0343 1860 mnmsrvc - ok
20:01:08.0375 1860 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:01:08.0390 1860 Modem - ok
20:01:08.0406 1860 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:01:08.0406 1860 Mouclass - ok
20:01:08.0421 1860 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:01:08.0421 1860 MountMgr - ok
20:01:08.0468 1860 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:01:08.0531 1860 MozillaMaintenance - ok
20:01:08.0531 1860 mraid35x - ok
20:01:08.0562 1860 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:01:08.0562 1860 MRxDAV - ok
20:01:08.0625 1860 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:01:08.0656 1860 MRxSmb - ok
20:01:08.0687 1860 [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:01:08.0703 1860 MSDTC - ok
20:01:08.0718 1860 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:01:08.0718 1860 Msfs - ok
20:01:08.0781 1860 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:01:08.0781 1860 MSKSSRV - ok
20:01:08.0781 1860 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:01:08.0781 1860 MSPCLOCK - ok
20:01:08.0828 1860 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:01:08.0828 1860 MSPQM - ok
20:01:08.0875 1860 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:01:08.0875 1860 mssmbios - ok
20:01:08.0921 1860 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:01:08.0921 1860 MSTEE - ok
20:01:08.0968 1860 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:01:08.0968 1860 Mup - ok
20:01:09.0031 1860 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:01:09.0031 1860 NABTSFEC - ok
20:01:09.0046 1860 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:01:09.0046 1860 NDIS - ok
20:01:09.0078 1860 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:01:09.0078 1860 NdisIP - ok
20:01:09.0125 1860 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:01:09.0125 1860 NdisTapi - ok
20:01:09.0171 1860 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:01:09.0171 1860 Ndisuio - ok
20:01:09.0218 1860 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:01:09.0218 1860 NdisWan - ok
20:01:09.0218 1860 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:01:09.0218 1860 NDProxy - ok
20:01:09.0250 1860 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:01:09.0250 1860 NetBIOS - ok
20:01:09.0265 1860 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:01:09.0265 1860 NetBT - ok
20:01:09.0312 1860 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:01:09.0312 1860 NetDDE - ok
20:01:09.0328 1860 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:01:09.0328 1860 NetDDEdsdm - ok
20:01:09.0359 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:01:09.0359 1860 Netlogon - ok
20:01:09.0421 1860 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
20:01:09.0421 1860 Netman - ok
20:01:09.0468 1860 [ 4E74AF063C3271FBEA20DD940CFD1184 ] Nla C:\WINDOWS\System32\mswsock.dll
20:01:09.0468 1860 Nla - ok
20:01:09.0515 1860 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:01:09.0515 1860 Npfs - ok
20:01:09.0593 1860 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:01:09.0656 1860 Ntfs - ok
20:01:09.0671 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:01:09.0671 1860 NtLmSsp - ok
20:01:09.0718 1860 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:01:09.0734 1860 NtmsSvc - ok
20:01:09.0765 1860 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:01:09.0781 1860 Null - ok
20:01:09.0828 1860 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:01:09.0828 1860 NwlnkFlt - ok
20:01:09.0875 1860 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:01:09.0875 1860 NwlnkFwd - ok
20:01:09.0968 1860 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:01:10.0000 1860 ose - ok
20:01:10.0046 1860 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:01:10.0046 1860 Parport - ok
20:01:10.0093 1860 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:01:10.0093 1860 PartMgr - ok
20:01:10.0140 1860 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:01:10.0156 1860 ParVdm - ok
20:01:10.0203 1860 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:01:10.0203 1860 PCI - ok
20:01:10.0203 1860 PCIDump - ok
20:01:10.0250 1860 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:01:10.0250 1860 PCIIde - ok
20:01:10.0296 1860 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:01:10.0296 1860 Pcmcia - ok
20:01:10.0296 1860 PDCOMP - ok
20:01:10.0312 1860 PDFRAME - ok
20:01:10.0312 1860 PDRELI - ok
20:01:10.0328 1860 PDRFRAME - ok
20:01:10.0328 1860 perc2 - ok
20:01:10.0343 1860 perc2hib - ok
20:01:10.0390 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] PlugPlay C:\WINDOWS\system32\services.exe
20:01:10.0390 1860 PlugPlay - ok
20:01:10.0406 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:01:10.0406 1860 PolicyAgent - ok
20:01:10.0421 1860 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:01:10.0421 1860 PptpMiniport - ok
20:01:10.0437 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:01:10.0437 1860 ProtectedStorage - ok
20:01:10.0453 1860 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:01:10.0453 1860 PSched - ok
20:01:10.0468 1860 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:01:10.0468 1860 Ptilink - ok
20:01:10.0468 1860 ql1080 - ok
20:01:10.0484 1860 Ql10wnt - ok
20:01:10.0484 1860 ql12160 - ok
20:01:10.0500 1860 ql1240 - ok
20:01:10.0500 1860 ql1280 - ok
20:01:10.0609 1860 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
20:01:10.0609 1860 RalinkRegistryWriter - ok
20:01:10.0625 1860 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:01:10.0625 1860 RasAcd - ok
20:01:10.0671 1860 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:01:10.0671 1860 RasAuto - ok
20:01:10.0718 1860 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
20:01:10.0718 1860 Rasirda - ok
20:01:10.0734 1860 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:01:10.0734 1860 Rasl2tp - ok
20:01:10.0796 1860 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:01:10.0796 1860 RasMan - ok
20:01:10.0828 1860 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:01:10.0828 1860 RasPppoe - ok
20:01:10.0843 1860 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:01:10.0843 1860 Raspti - ok
20:01:10.0890 1860 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:01:10.0906 1860 Rdbss - ok
20:01:10.0953 1860 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:01:10.0953 1860 RDPCDD - ok
20:01:11.0015 1860 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:01:11.0015 1860 rdpdr - ok
20:01:11.0062 1860 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:01:11.0078 1860 RDPWD - ok
20:01:11.0109 1860 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:01:11.0109 1860 RDSessMgr - ok
20:01:11.0156 1860 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:01:11.0171 1860 redbook - ok
20:01:11.0218 1860 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:01:11.0218 1860 RemoteAccess - ok
20:01:11.0265 1860 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:01:11.0265 1860 RemoteRegistry - ok
20:01:11.0312 1860 [ 99C4B74981A1413F142A3903130088CB ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:01:11.0312 1860 RFCOMM - ok
20:01:11.0359 1860 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
20:01:11.0359 1860 RpcLocator - ok
20:01:11.0390 1860 [ 5C83A4408604F737717AB96371201680 ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:01:11.0406 1860 RpcSs - ok
20:01:11.0453 1860 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:01:11.0453 1860 RSVP - ok
20:01:11.0515 1860 [ 5532F69D0A845FFE9D70B9E0392FE50A ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
20:01:11.0578 1860 rt2870 - ok
20:01:11.0625 1860 [ BADABE0940C01619E8510B90FB314929 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
20:01:11.0703 1860 RTLE8023xp - ok
20:01:11.0718 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
20:01:11.0718 1860 SamSs - ok
20:01:11.0750 1860 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:01:11.0765 1860 SCardSvr - ok
20:01:11.0828 1860 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:01:11.0843 1860 Schedule - ok
20:01:11.0890 1860 [ F34C06D1C706A6D9433570B087A18B02 ] Scutum50 C:\WINDOWS\system32\Drivers\Scutum50.sys
20:01:11.0890 1860 Scutum50 - ok
20:01:11.0937 1860 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:01:11.0937 1860 Secdrv - ok
20:01:11.0984 1860 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
20:01:11.0984 1860 seclogon - ok
20:01:12.0015 1860 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
20:01:12.0015 1860 SENS - ok
20:01:12.0031 1860 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:01:12.0031 1860 serenum - ok
20:01:12.0046 1860 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:01:12.0046 1860 Serial - ok
20:01:12.0046 1860 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:01:12.0046 1860 Sfloppy - ok
20:01:12.0078 1860 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:01:12.0109 1860 SharedAccess - ok
20:01:12.0140 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:01:12.0140 1860 ShellHWDetection - ok
20:01:12.0140 1860 Simbad - ok
20:01:12.0187 1860 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:01:12.0187 1860 SLIP - ok
20:01:12.0187 1860 Sparrow - ok
20:01:12.0250 1860 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:01:12.0265 1860 splitter - ok
20:01:12.0281 1860 [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:01:12.0296 1860 Spooler - ok
20:01:12.0359 1860 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:01:12.0359 1860 sr - ok
20:01:12.0390 1860 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
20:01:12.0390 1860 srservice - ok
20:01:12.0421 1860 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:01:12.0453 1860 Srv - ok
20:01:12.0500 1860 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:01:12.0515 1860 SSDPSRV - ok
20:01:12.0593 1860 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:01:12.0625 1860 stisvc - ok
20:01:12.0671 1860 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:01:12.0671 1860 streamip - ok
20:01:12.0703 1860 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:01:12.0703 1860 swenum - ok
20:01:12.0718 1860 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:01:12.0718 1860 swmidi - ok
20:01:12.0718 1860 SwPrv - ok
20:01:12.0734 1860 symc810 - ok
20:01:12.0734 1860 symc8xx - ok
20:01:12.0750 1860 sym_hi - ok
20:01:12.0750 1860 sym_u3 - ok
20:01:12.0781 1860 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:01:12.0796 1860 sysaudio - ok
20:01:12.0843 1860 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:01:12.0859 1860 SysmonLog - ok
20:01:12.0921 1860 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:01:12.0921 1860 TapiSrv - ok
20:01:12.0968 1860 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:01:13.0000 1860 Tcpip - ok
20:01:13.0015 1860 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:01:13.0031 1860 TDPIPE - ok
20:01:13.0062 1860 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:01:13.0062 1860 TDTCP - ok
20:01:13.0093 1860 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:01:13.0093 1860 TermDD - ok
20:01:13.0171 1860 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
20:01:13.0171 1860 TermService - ok
20:01:13.0203 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:01:13.0203 1860 Themes - ok
20:01:13.0250 1860 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:01:13.0250 1860 TlntSvr - ok
20:01:13.0265 1860 TosIde - ok
20:01:13.0281 1860 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:01:13.0296 1860 TrkWks - ok
20:01:13.0328 1860 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:01:13.0328 1860 Udfs - ok
20:01:13.0328 1860 ultra - ok
20:01:13.0375 1860 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:01:13.0390 1860 Update - ok
20:01:13.0421 1860 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
20:01:13.0421 1860 upnphost - ok
20:01:13.0437 1860 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
20:01:13.0437 1860 UPS - ok
20:01:13.0484 1860 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:01:13.0484 1860 usbccgp - ok
20:01:13.0531 1860 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:01:13.0531 1860 usbehci - ok
20:01:13.0546 1860 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:01:13.0546 1860 usbhub - ok
20:01:13.0578 1860 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:01:13.0578 1860 usbprint - ok
20:01:13.0609 1860 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:01:13.0609 1860 usbscan - ok
20:01:13.0656 1860 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:01:13.0656 1860 USBSTOR - ok
20:01:13.0671 1860 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:01:13.0671 1860 usbuhci - ok
20:01:13.0718 1860 [ F39039D5C96C1D3AC2A637A659DBF282 ] USB_RNDIS C:\WINDOWS\system32\DRIVERS\usb8023k.sys
20:01:13.0984 1860 USB_RNDIS - ok
20:01:14.0015 1860 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:01:14.0031 1860 VgaSave - ok
20:01:14.0031 1860 ViaIde - ok
20:01:14.0078 1860 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:01:14.0078 1860 VolSnap - ok
20:01:14.0125 1860 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
20:01:14.0140 1860 VSS - ok
20:01:14.0250 1860 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
20:01:14.0296 1860 vToolbarUpdater11.2.0 - ok
20:01:14.0359 1860 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
20:01:14.0359 1860 W32Time - ok
20:01:14.0406 1860 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:01:14.0406 1860 Wanarp - ok
20:01:14.0484 1860 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:01:14.0562 1860 Wdf01000 - ok
20:01:14.0562 1860 WDICA - ok
20:01:14.0609 1860 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:01:14.0625 1860 wdmaud - ok
20:01:14.0671 1860 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:01:14.0671 1860 WebClient - ok
20:01:14.0796 1860 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:01:14.0796 1860 winmgmt - ok
20:01:14.0843 1860 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
20:01:14.0843 1860 WmdmPmSN - ok
20:01:14.0921 1860 [ 1AFF244CA134956C54474F4E2433E4CE ] Wmi C:\WINDOWS\System32\advapi32.dll
20:01:14.0968 1860 Wmi - ok
20:01:15.0031 1860 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:01:15.0031 1860 WmiApSrv - ok
20:01:15.0093 1860 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:01:15.0093 1860 WS2IFSL - ok
20:01:15.0140 1860 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:01:15.0140 1860 wscsvc - ok
20:01:15.0187 1860 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:01:15.0187 1860 WSTCODEC - ok
20:01:15.0250 1860 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:01:15.0250 1860 wuauserv - ok
20:01:15.0296 1860 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:01:15.0359 1860 WZCSVC - ok
20:01:15.0390 1860 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:01:15.0390 1860 xmlprov - ok
20:01:15.0421 1860 ================ Scan global ===============================
20:01:15.0468 1860 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
20:01:15.0484 1860 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:01:15.0500 1860 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:01:15.0515 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\WINDOWS\system32\services.exe
20:01:15.0515 1860 [Global] - ok
20:01:15.0515 1860 ================ Scan MBR ==================================
20:01:15.0546 1860 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:01:15.0718 1860 \Device\Harddisk0\DR0 - ok
20:01:15.0718 1860 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
20:01:15.0750 1860 \Device\Harddisk1\DR1 - ok
20:01:15.0750 1860 ================ Scan VBR ==================================
20:01:15.0765 1860 [ 7E7D59187D413661EB0A32797919EB8D ] \Device\Harddisk0\DR0\Partition1
20:01:15.0765 1860 \Device\Harddisk0\DR0\Partition1 - ok
20:01:15.0765 1860 [ B219621D87C974346AE1BE2C9EE1AC7C ] \Device\Harddisk1\DR1\Partition1
20:01:15.0765 1860 \Device\Harddisk1\DR1\Partition1 - ok
20:01:15.0765 1860 ============================================================
20:01:15.0765 1860 Scan finished
20:01:15.0765 1860 ============================================================
20:01:15.0796 1288 Detected object count: 0
20:01:15.0796 1288 Actual detected object count: 0
20:00:51.0000 1856 ============================================================
20:00:51.0000 1856 Current date / time: 2012/08/20 20:00:51.0000
20:00:51.0000 1856 SystemInfo:
20:00:51.0000 1856
20:00:51.0000 1856 OS Version: 5.1.2600 ServicePack: 2.0
20:00:51.0000 1856 Product type: Workstation
20:00:51.0000 1856 ComputerName: LUBA
20:00:51.0015 1856 UserName: Ľuba
20:00:51.0015 1856 Windows directory: C:\WINDOWS
20:00:51.0015 1856 System windows directory: C:\WINDOWS
20:00:51.0015 1856 Processor architecture: Intel x86
20:00:51.0015 1856 Number of processors: 2
20:00:51.0015 1856 Page size: 0x1000
20:00:51.0015 1856 Boot type: Normal boot
20:00:51.0015 1856 ============================================================
20:00:54.0234 1856 Drive \Device\Harddisk0\DR0 - Size: 0x4DA9EA000 (19.42 Gb), SectorSize: 0x200, Cylinders: 0x9E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:00:54.0234 1856 Drive \Device\Harddisk1\DR1 - Size: 0xDF8475800 (55.88 Gb), SectorSize: 0x200, Cylinders: 0x1C7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:00:54.0234 1856 ============================================================
20:00:54.0234 1856 \Device\Harddisk0\DR0:
20:00:54.0234 1856 MBR partitions:
20:00:54.0234 1856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x26CEB66
20:00:54.0234 1856 \Device\Harddisk1\DR1:
20:00:54.0234 1856 MBR partitions:
20:00:54.0250 1856 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x6FBBFFE
20:00:54.0250 1856 ============================================================
20:00:54.0265 1856 D: <-> \Device\Harddisk1\DR1\Partition1
20:00:54.0296 1856 C: <-> \Device\Harddisk0\DR0\Partition1
20:00:54.0296 1856 ============================================================
20:00:54.0296 1856 Initialize success
20:00:54.0296 1856 ============================================================
20:00:59.0093 1860 ============================================================
20:00:59.0093 1860 Scan started
20:00:59.0093 1860 Mode: Manual;
20:00:59.0093 1860 ============================================================
20:01:00.0921 1860 ================ Scan system memory ========================
20:01:00.0921 1860 System memory - ok
20:01:00.0921 1860 ================ Scan services =============================
20:01:01.0015 1860 Abiosdsk - ok
20:01:01.0015 1860 abp480n5 - ok
20:01:01.0187 1860 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:01:01.0187 1860 ACDaemon - ok
20:01:01.0250 1860 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:01:01.0250 1860 ACPI - ok
20:01:01.0296 1860 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:01:01.0312 1860 ACPIEC - ok
20:01:01.0406 1860 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:01:01.0406 1860 AdobeFlashPlayerUpdateSvc - ok
20:01:01.0421 1860 adpu160m - ok
20:01:01.0437 1860 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:01:01.0437 1860 aec - ok
20:01:01.0484 1860 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:01:01.0484 1860 AegisP - ok
20:01:01.0531 1860 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\WINDOWS\system32\drivers\Afc.sys
20:01:01.0562 1860 Afc - ok
20:01:01.0609 1860 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:01:01.0609 1860 AFD - ok
20:01:01.0609 1860 Aha154x - ok
20:01:01.0625 1860 aic78u2 - ok
20:01:01.0625 1860 aic78xx - ok
20:01:01.0671 1860 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:01:01.0671 1860 Alerter - ok
20:01:01.0718 1860 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
20:01:01.0718 1860 ALG - ok
20:01:01.0718 1860 AliIde - ok
20:01:01.0718 1860 amsint - ok
20:01:01.0765 1860 [ 9C3C12975C97119412802B181FBEEFFE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:01:01.0765 1860 AppMgmt - ok
20:01:01.0765 1860 asc - ok
20:01:01.0781 1860 asc3350p - ok
20:01:01.0781 1860 asc3550 - ok
20:01:01.0921 1860 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:01:02.0000 1860 aspnet_state - ok
20:01:02.0046 1860 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:01:02.0046 1860 AsyncMac - ok
20:01:02.0062 1860 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:01:02.0062 1860 atapi - ok
20:01:02.0062 1860 Atdisk - ok
20:01:02.0109 1860 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:01:02.0109 1860 Atmarpc - ok
20:01:02.0140 1860 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:01:02.0140 1860 AudioSrv - ok
20:01:02.0187 1860 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:01:02.0187 1860 audstub - ok
20:01:02.0437 1860 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:01:02.0609 1860 AVGIDSAgent - ok
20:01:02.0656 1860 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
20:01:02.0671 1860 AVGIDSDriver - ok
20:01:02.0703 1860 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
20:01:02.0703 1860 AVGIDSFilter - ok
20:01:02.0718 1860 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
20:01:02.0718 1860 AVGIDSHX - ok
20:01:02.0781 1860 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
20:01:02.0781 1860 AVGIDSShim - ok
20:01:02.0843 1860 [ DDA6A2A18841E4C9172BB85958B8D948 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
20:01:02.0859 1860 Avgldx86 - ok
20:01:02.0906 1860 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
20:01:02.0906 1860 Avgmfx86 - ok
20:01:02.0906 1860 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
20:01:02.0906 1860 Avgrkx86 - ok
20:01:02.0937 1860 [ 1263F2554ACE925C237A40B4C568D815 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
20:01:02.0953 1860 Avgtdix - ok
20:01:02.0984 1860 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:01:03.0000 1860 avgwd - ok
20:01:03.0062 1860 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:01:03.0062 1860 Beep - ok
20:01:03.0109 1860 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\system32\qmgr.dll
20:01:03.0171 1860 BITS - ok
20:01:03.0218 1860 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
20:01:03.0218 1860 Browser - ok
20:01:03.0265 1860 [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:01:03.0265 1860 BthEnum - ok
20:01:03.0296 1860 [ 10355270BE12641B9764235DA39DCF0F ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:01:03.0296 1860 BthPan - ok
20:01:03.0328 1860 [ 30B76EC553B202890E90A93A4E1A27B5 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
20:01:03.0343 1860 BTHPORT - ok
20:01:03.0375 1860 [ A18CC8C9B3890B1B68BED213716FEF6B ] BthServ C:\WINDOWS\System32\bthserv.dll
20:01:03.0375 1860 BthServ - ok
20:01:03.0406 1860 [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:01:03.0406 1860 BTHUSB - ok
20:01:03.0468 1860 [ A775A7DC5F5D121E566F5F12B341E0EE ] Bulk1528 C:\WINDOWS\system32\Drivers\Bulk1528.sys
20:01:03.0781 1860 Bulk1528 - ok
20:01:03.0843 1860 [ 94BF1CD4CDF4B02BE835D78CA5104734 ] Ca1528av C:\WINDOWS\system32\Drivers\Ca1528av.sys
20:01:03.0906 1860 Ca1528av - ok
20:01:04.0062 1860 catchme - ok
20:01:04.0093 1860 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:01:04.0109 1860 cbidf2k - ok
20:01:04.0140 1860 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:01:04.0140 1860 CCDECODE - ok
20:01:04.0140 1860 cd20xrnt - ok
20:01:04.0171 1860 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:01:04.0171 1860 Cdaudio - ok
20:01:04.0234 1860 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:01:04.0234 1860 Cdfs - ok
20:01:04.0281 1860 [ 7B53584D94E9D8716B2DE91D5F1CB42D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:01:04.0390 1860 Cdrom - ok
20:01:04.0406 1860 Changer - ok
20:01:04.0453 1860 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:01:04.0453 1860 CiSvc - ok
20:01:04.0484 1860 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:01:04.0484 1860 ClipSrv - ok
20:01:04.0515 1860 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:04.0609 1860 clr_optimization_v2.0.50727_32 - ok
20:01:04.0609 1860 CmdIde - ok
20:01:04.0625 1860 COMSysApp - ok
20:01:04.0640 1860 Cpqarray - ok
20:01:04.0687 1860 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:01:04.0687 1860 CryptSvc - ok
20:01:04.0687 1860 dac2w2k - ok
20:01:04.0703 1860 dac960nt - ok
20:01:04.0734 1860 [ 5C83A4408604F737717AB96371201680 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:01:04.0796 1860 DcomLaunch - ok
20:01:04.0812 1860 [ CB6CA3E5261D65F6F809EED23BF167AA ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:01:04.0828 1860 Dhcp - ok
20:01:04.0875 1860 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:01:04.0875 1860 Disk - ok
20:01:04.0890 1860 dmadmin - ok
20:01:04.0953 1860 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:01:04.0984 1860 dmboot - ok
20:01:05.0031 1860 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:01:05.0031 1860 dmio - ok
20:01:05.0078 1860 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:01:05.0078 1860 dmload - ok
20:01:05.0140 1860 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
20:01:05.0140 1860 dmserver - ok
20:01:05.0187 1860 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:01:05.0187 1860 DMusic - ok
20:01:05.0203 1860 [ 7379DE06FD196E396A00AA97B990C00D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:01:05.0203 1860 Dnscache - ok
20:01:05.0203 1860 dpti2o - ok
20:01:05.0265 1860 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:01:05.0265 1860 drmkaud - ok
20:01:05.0328 1860 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:01:05.0328 1860 ERSvc - ok
20:01:05.0390 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] Eventlog C:\WINDOWS\system32\services.exe
20:01:05.0390 1860 Eventlog - ok
20:01:05.0437 1860 [ ACD36A2DD7D1E9D8A060AA651DC07E63 ] EventSystem C:\WINDOWS\system32\es.dll
20:01:05.0453 1860 EventSystem - ok
20:01:05.0453 1860 ew_hwusbdev - ok
20:01:05.0484 1860 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:01:05.0484 1860 Fastfat - ok
20:01:05.0500 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:01:05.0500 1860 FastUserSwitchingCompatibility - ok
20:01:05.0531 1860 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:01:05.0531 1860 Fdc - ok
20:01:05.0578 1860 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:01:05.0578 1860 Fips - ok
20:01:05.0578 1860 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:01:05.0578 1860 Flpydisk - ok
20:01:05.0640 1860 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:01:05.0640 1860 FltMgr - ok
20:01:05.0656 1860 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:01:05.0656 1860 Fs_Rec - ok
20:01:05.0671 1860 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:01:05.0671 1860 Ftdisk - ok
20:01:05.0718 1860 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:01:05.0718 1860 Gpc - ok
20:01:05.0796 1860 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:01:05.0796 1860 HDAudBus - ok
20:01:05.0859 1860 helpsvc - ok
20:01:05.0859 1860 HidServ - ok
20:01:05.0921 1860 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:01:05.0921 1860 HidUsb - ok
20:01:05.0937 1860 hpn - ok
20:01:06.0000 1860 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:01:06.0015 1860 HTTP - ok
20:01:06.0062 1860 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:01:06.0062 1860 HTTPFilter - ok
20:01:06.0062 1860 huawei_enumerator - ok
20:01:06.0078 1860 hwdatacard - ok
20:01:06.0078 1860 i2omgmt - ok
20:01:06.0093 1860 i2omp - ok
20:01:06.0125 1860 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:01:06.0125 1860 i8042prt - ok
20:01:06.0390 1860 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:01:06.0578 1860 ialm - ok
20:01:06.0625 1860 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:01:06.0625 1860 Imapi - ok
20:01:06.0687 1860 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:01:06.0703 1860 ImapiService - ok
20:01:06.0703 1860 ini910u - ok
20:01:06.0875 1860 [ 811B31E0E0AC7BE484EFBFFC42AFCBBE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:01:07.0046 1860 IntcAzAudAddService - ok
20:01:07.0046 1860 IntelIde - ok
20:01:07.0093 1860 [ 279FB78702454DFF2BB445F238C048D2 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:01:07.0093 1860 intelppm - ok
20:01:07.0125 1860 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:01:07.0125 1860 Ip6Fw - ok
20:01:07.0171 1860 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:01:07.0171 1860 IpFilterDriver - ok
20:01:07.0187 1860 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:01:07.0187 1860 IpInIp - ok
20:01:07.0265 1860 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:01:07.0265 1860 IpNat - ok
20:01:07.0281 1860 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:01:07.0281 1860 IPSec - ok
20:01:07.0328 1860 [ 86C204836FEEC22510D434982D4221B8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
20:01:07.0328 1860 irda - ok
20:01:07.0390 1860 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:01:07.0390 1860 IRENUM - ok
20:01:07.0406 1860 [ A02512C315C84F475BD89F847048B27B ] Irmon C:\WINDOWS\System32\irmon.dll
20:01:07.0406 1860 Irmon - ok
20:01:07.0453 1860 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
20:01:07.0468 1860 irsir - ok
20:01:07.0468 1860 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:01:07.0484 1860 isapnp - ok
20:01:07.0625 1860 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:01:07.0625 1860 JavaQuickStarterService - ok
20:01:07.0671 1860 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:01:07.0671 1860 Kbdclass - ok
20:01:07.0734 1860 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:01:07.0734 1860 kbdhid - ok
20:01:07.0750 1860 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:01:07.0750 1860 kmixer - ok
20:01:07.0812 1860 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:01:07.0828 1860 KSecDD - ok
20:01:07.0875 1860 [ 93D32468D34E000CB3407947D1D6E22A ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:01:07.0875 1860 lanmanserver - ok
20:01:07.0937 1860 [ 2C0A7B2AE9C26F2C163627679B42783C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:01:07.0937 1860 lanmanworkstation - ok
20:01:07.0953 1860 lbrtfdc - ok
20:01:08.0000 1860 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:01:08.0000 1860 LmHosts - ok
20:01:08.0062 1860 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
20:01:08.0062 1860 MBAMProtector - ok
20:01:08.0187 1860 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:01:08.0203 1860 MBAMService - ok
20:01:08.0234 1860 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:01:08.0234 1860 Messenger - ok
20:01:08.0281 1860 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:01:08.0281 1860 mnmdd - ok
20:01:08.0328 1860 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:01:08.0343 1860 mnmsrvc - ok
20:01:08.0375 1860 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:01:08.0390 1860 Modem - ok
20:01:08.0406 1860 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:01:08.0406 1860 Mouclass - ok
20:01:08.0421 1860 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:01:08.0421 1860 MountMgr - ok
20:01:08.0468 1860 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:01:08.0531 1860 MozillaMaintenance - ok
20:01:08.0531 1860 mraid35x - ok
20:01:08.0562 1860 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:01:08.0562 1860 MRxDAV - ok
20:01:08.0625 1860 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:01:08.0656 1860 MRxSmb - ok
20:01:08.0687 1860 [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:01:08.0703 1860 MSDTC - ok
20:01:08.0718 1860 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:01:08.0718 1860 Msfs - ok
20:01:08.0781 1860 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:01:08.0781 1860 MSKSSRV - ok
20:01:08.0781 1860 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:01:08.0781 1860 MSPCLOCK - ok
20:01:08.0828 1860 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:01:08.0828 1860 MSPQM - ok
20:01:08.0875 1860 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:01:08.0875 1860 mssmbios - ok
20:01:08.0921 1860 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:01:08.0921 1860 MSTEE - ok
20:01:08.0968 1860 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:01:08.0968 1860 Mup - ok
20:01:09.0031 1860 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:01:09.0031 1860 NABTSFEC - ok
20:01:09.0046 1860 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:01:09.0046 1860 NDIS - ok
20:01:09.0078 1860 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:01:09.0078 1860 NdisIP - ok
20:01:09.0125 1860 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:01:09.0125 1860 NdisTapi - ok
20:01:09.0171 1860 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:01:09.0171 1860 Ndisuio - ok
20:01:09.0218 1860 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:01:09.0218 1860 NdisWan - ok
20:01:09.0218 1860 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:01:09.0218 1860 NDProxy - ok
20:01:09.0250 1860 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:01:09.0250 1860 NetBIOS - ok
20:01:09.0265 1860 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:01:09.0265 1860 NetBT - ok
20:01:09.0312 1860 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:01:09.0312 1860 NetDDE - ok
20:01:09.0328 1860 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:01:09.0328 1860 NetDDEdsdm - ok
20:01:09.0359 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:01:09.0359 1860 Netlogon - ok
20:01:09.0421 1860 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
20:01:09.0421 1860 Netman - ok
20:01:09.0468 1860 [ 4E74AF063C3271FBEA20DD940CFD1184 ] Nla C:\WINDOWS\System32\mswsock.dll
20:01:09.0468 1860 Nla - ok
20:01:09.0515 1860 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:01:09.0515 1860 Npfs - ok
20:01:09.0593 1860 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:01:09.0656 1860 Ntfs - ok
20:01:09.0671 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:01:09.0671 1860 NtLmSsp - ok
20:01:09.0718 1860 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:01:09.0734 1860 NtmsSvc - ok
20:01:09.0765 1860 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:01:09.0781 1860 Null - ok
20:01:09.0828 1860 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:01:09.0828 1860 NwlnkFlt - ok
20:01:09.0875 1860 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:01:09.0875 1860 NwlnkFwd - ok
20:01:09.0968 1860 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:01:10.0000 1860 ose - ok
20:01:10.0046 1860 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:01:10.0046 1860 Parport - ok
20:01:10.0093 1860 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:01:10.0093 1860 PartMgr - ok
20:01:10.0140 1860 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:01:10.0156 1860 ParVdm - ok
20:01:10.0203 1860 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:01:10.0203 1860 PCI - ok
20:01:10.0203 1860 PCIDump - ok
20:01:10.0250 1860 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:01:10.0250 1860 PCIIde - ok
20:01:10.0296 1860 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:01:10.0296 1860 Pcmcia - ok
20:01:10.0296 1860 PDCOMP - ok
20:01:10.0312 1860 PDFRAME - ok
20:01:10.0312 1860 PDRELI - ok
20:01:10.0328 1860 PDRFRAME - ok
20:01:10.0328 1860 perc2 - ok
20:01:10.0343 1860 perc2hib - ok
20:01:10.0390 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] PlugPlay C:\WINDOWS\system32\services.exe
20:01:10.0390 1860 PlugPlay - ok
20:01:10.0406 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:01:10.0406 1860 PolicyAgent - ok
20:01:10.0421 1860 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:01:10.0421 1860 PptpMiniport - ok
20:01:10.0437 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:01:10.0437 1860 ProtectedStorage - ok
20:01:10.0453 1860 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:01:10.0453 1860 PSched - ok
20:01:10.0468 1860 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:01:10.0468 1860 Ptilink - ok
20:01:10.0468 1860 ql1080 - ok
20:01:10.0484 1860 Ql10wnt - ok
20:01:10.0484 1860 ql12160 - ok
20:01:10.0500 1860 ql1240 - ok
20:01:10.0500 1860 ql1280 - ok
20:01:10.0609 1860 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
20:01:10.0609 1860 RalinkRegistryWriter - ok
20:01:10.0625 1860 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:01:10.0625 1860 RasAcd - ok
20:01:10.0671 1860 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:01:10.0671 1860 RasAuto - ok
20:01:10.0718 1860 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
20:01:10.0718 1860 Rasirda - ok
20:01:10.0734 1860 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:01:10.0734 1860 Rasl2tp - ok
20:01:10.0796 1860 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:01:10.0796 1860 RasMan - ok
20:01:10.0828 1860 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:01:10.0828 1860 RasPppoe - ok
20:01:10.0843 1860 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:01:10.0843 1860 Raspti - ok
20:01:10.0890 1860 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:01:10.0906 1860 Rdbss - ok
20:01:10.0953 1860 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:01:10.0953 1860 RDPCDD - ok
20:01:11.0015 1860 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:01:11.0015 1860 rdpdr - ok
20:01:11.0062 1860 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:01:11.0078 1860 RDPWD - ok
20:01:11.0109 1860 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:01:11.0109 1860 RDSessMgr - ok
20:01:11.0156 1860 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:01:11.0171 1860 redbook - ok
20:01:11.0218 1860 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:01:11.0218 1860 RemoteAccess - ok
20:01:11.0265 1860 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:01:11.0265 1860 RemoteRegistry - ok
20:01:11.0312 1860 [ 99C4B74981A1413F142A3903130088CB ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:01:11.0312 1860 RFCOMM - ok
20:01:11.0359 1860 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
20:01:11.0359 1860 RpcLocator - ok
20:01:11.0390 1860 [ 5C83A4408604F737717AB96371201680 ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:01:11.0406 1860 RpcSs - ok
20:01:11.0453 1860 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:01:11.0453 1860 RSVP - ok
20:01:11.0515 1860 [ 5532F69D0A845FFE9D70B9E0392FE50A ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
20:01:11.0578 1860 rt2870 - ok
20:01:11.0625 1860 [ BADABE0940C01619E8510B90FB314929 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
20:01:11.0703 1860 RTLE8023xp - ok
20:01:11.0718 1860 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
20:01:11.0718 1860 SamSs - ok
20:01:11.0750 1860 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:01:11.0765 1860 SCardSvr - ok
20:01:11.0828 1860 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:01:11.0843 1860 Schedule - ok
20:01:11.0890 1860 [ F34C06D1C706A6D9433570B087A18B02 ] Scutum50 C:\WINDOWS\system32\Drivers\Scutum50.sys
20:01:11.0890 1860 Scutum50 - ok
20:01:11.0937 1860 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:01:11.0937 1860 Secdrv - ok
20:01:11.0984 1860 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
20:01:11.0984 1860 seclogon - ok
20:01:12.0015 1860 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
20:01:12.0015 1860 SENS - ok
20:01:12.0031 1860 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:01:12.0031 1860 serenum - ok
20:01:12.0046 1860 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:01:12.0046 1860 Serial - ok
20:01:12.0046 1860 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:01:12.0046 1860 Sfloppy - ok
20:01:12.0078 1860 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:01:12.0109 1860 SharedAccess - ok
20:01:12.0140 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:01:12.0140 1860 ShellHWDetection - ok
20:01:12.0140 1860 Simbad - ok
20:01:12.0187 1860 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:01:12.0187 1860 SLIP - ok
20:01:12.0187 1860 Sparrow - ok
20:01:12.0250 1860 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:01:12.0265 1860 splitter - ok
20:01:12.0281 1860 [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:01:12.0296 1860 Spooler - ok
20:01:12.0359 1860 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:01:12.0359 1860 sr - ok
20:01:12.0390 1860 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
20:01:12.0390 1860 srservice - ok
20:01:12.0421 1860 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:01:12.0453 1860 Srv - ok
20:01:12.0500 1860 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:01:12.0515 1860 SSDPSRV - ok
20:01:12.0593 1860 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:01:12.0625 1860 stisvc - ok
20:01:12.0671 1860 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:01:12.0671 1860 streamip - ok
20:01:12.0703 1860 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:01:12.0703 1860 swenum - ok
20:01:12.0718 1860 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:01:12.0718 1860 swmidi - ok
20:01:12.0718 1860 SwPrv - ok
20:01:12.0734 1860 symc810 - ok
20:01:12.0734 1860 symc8xx - ok
20:01:12.0750 1860 sym_hi - ok
20:01:12.0750 1860 sym_u3 - ok
20:01:12.0781 1860 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:01:12.0796 1860 sysaudio - ok
20:01:12.0843 1860 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:01:12.0859 1860 SysmonLog - ok
20:01:12.0921 1860 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:01:12.0921 1860 TapiSrv - ok
20:01:12.0968 1860 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:01:13.0000 1860 Tcpip - ok
20:01:13.0015 1860 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:01:13.0031 1860 TDPIPE - ok
20:01:13.0062 1860 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:01:13.0062 1860 TDTCP - ok
20:01:13.0093 1860 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:01:13.0093 1860 TermDD - ok
20:01:13.0171 1860 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
20:01:13.0171 1860 TermService - ok
20:01:13.0203 1860 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:01:13.0203 1860 Themes - ok
20:01:13.0250 1860 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:01:13.0250 1860 TlntSvr - ok
20:01:13.0265 1860 TosIde - ok
20:01:13.0281 1860 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:01:13.0296 1860 TrkWks - ok
20:01:13.0328 1860 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:01:13.0328 1860 Udfs - ok
20:01:13.0328 1860 ultra - ok
20:01:13.0375 1860 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:01:13.0390 1860 Update - ok
20:01:13.0421 1860 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
20:01:13.0421 1860 upnphost - ok
20:01:13.0437 1860 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
20:01:13.0437 1860 UPS - ok
20:01:13.0484 1860 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:01:13.0484 1860 usbccgp - ok
20:01:13.0531 1860 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:01:13.0531 1860 usbehci - ok
20:01:13.0546 1860 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:01:13.0546 1860 usbhub - ok
20:01:13.0578 1860 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:01:13.0578 1860 usbprint - ok
20:01:13.0609 1860 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:01:13.0609 1860 usbscan - ok
20:01:13.0656 1860 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:01:13.0656 1860 USBSTOR - ok
20:01:13.0671 1860 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:01:13.0671 1860 usbuhci - ok
20:01:13.0718 1860 [ F39039D5C96C1D3AC2A637A659DBF282 ] USB_RNDIS C:\WINDOWS\system32\DRIVERS\usb8023k.sys
20:01:13.0984 1860 USB_RNDIS - ok
20:01:14.0015 1860 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:01:14.0031 1860 VgaSave - ok
20:01:14.0031 1860 ViaIde - ok
20:01:14.0078 1860 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:01:14.0078 1860 VolSnap - ok
20:01:14.0125 1860 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
20:01:14.0140 1860 VSS - ok
20:01:14.0250 1860 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
20:01:14.0296 1860 vToolbarUpdater11.2.0 - ok
20:01:14.0359 1860 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
20:01:14.0359 1860 W32Time - ok
20:01:14.0406 1860 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:01:14.0406 1860 Wanarp - ok
20:01:14.0484 1860 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:01:14.0562 1860 Wdf01000 - ok
20:01:14.0562 1860 WDICA - ok
20:01:14.0609 1860 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:01:14.0625 1860 wdmaud - ok
20:01:14.0671 1860 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:01:14.0671 1860 WebClient - ok
20:01:14.0796 1860 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:01:14.0796 1860 winmgmt - ok
20:01:14.0843 1860 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
20:01:14.0843 1860 WmdmPmSN - ok
20:01:14.0921 1860 [ 1AFF244CA134956C54474F4E2433E4CE ] Wmi C:\WINDOWS\System32\advapi32.dll
20:01:14.0968 1860 Wmi - ok
20:01:15.0031 1860 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:01:15.0031 1860 WmiApSrv - ok
20:01:15.0093 1860 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:01:15.0093 1860 WS2IFSL - ok
20:01:15.0140 1860 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:01:15.0140 1860 wscsvc - ok
20:01:15.0187 1860 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:01:15.0187 1860 WSTCODEC - ok
20:01:15.0250 1860 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:01:15.0250 1860 wuauserv - ok
20:01:15.0296 1860 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:01:15.0359 1860 WZCSVC - ok
20:01:15.0390 1860 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:01:15.0390 1860 xmlprov - ok
20:01:15.0421 1860 ================ Scan global ===============================
20:01:15.0468 1860 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
20:01:15.0484 1860 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:01:15.0500 1860 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:01:15.0515 1860 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\WINDOWS\system32\services.exe
20:01:15.0515 1860 [Global] - ok
20:01:15.0515 1860 ================ Scan MBR ==================================
20:01:15.0546 1860 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:01:15.0718 1860 \Device\Harddisk0\DR0 - ok
20:01:15.0718 1860 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
20:01:15.0750 1860 \Device\Harddisk1\DR1 - ok
20:01:15.0750 1860 ================ Scan VBR ==================================
20:01:15.0765 1860 [ 7E7D59187D413661EB0A32797919EB8D ] \Device\Harddisk0\DR0\Partition1
20:01:15.0765 1860 \Device\Harddisk0\DR0\Partition1 - ok
20:01:15.0765 1860 [ B219621D87C974346AE1BE2C9EE1AC7C ] \Device\Harddisk1\DR1\Partition1
20:01:15.0765 1860 \Device\Harddisk1\DR1\Partition1 - ok
20:01:15.0765 1860 ============================================================
20:01:15.0765 1860 Scan finished
20:01:15.0765 1860 ============================================================
20:01:15.0796 1288 Detected object count: 0
20:01:15.0796 1288 Actual detected object count: 0
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Jsou nějaké problémy??
Doinstaluj si později SP3 a IE máš zastaralý , verze 6! Taky upgade!
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
ClearJavaCache::
KillAll::
File::
c:\windows\system32\drivers\aswSnx.sys
c:\windows\system32\drivers\aswSP.sys
c:\windows\system32\drivers\aswFsBlk.sys
Driver::
aswSnx
aswSP
aswFsBlk
huawei_enumerator
FixCSet::
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Jsou nějaké problémy??
Doinstaluj si později SP3 a IE máš zastaralý , verze 6! Taky upgade!
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosim o kontrolu logu
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-21 01:44:21
-----------------------------
01:44:21.281 OS Version: Windows 5.1.2600 Service Pack 2
01:44:21.281 Number of processors: 2 586 0xF0D
01:44:21.281 ComputerName: LUBA UserName: Ľuba
01:44:23.031 Initialize success
01:44:33.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
01:44:33.187 Disk 0 Vendor: Maxtor_2F020L0 VAM51JJ0 Size: 19881MB BusType: 3
01:44:33.187 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
01:44:33.187 Disk 1 Vendor: WDC_WD600BB-75CAA0 16.06V16 Size: 57220MB BusType: 3
01:44:33.218 Disk 0 MBR read successfully
01:44:33.218 Disk 0 MBR scan
01:44:33.218 Disk 0 Windows XP default MBR code
01:44:33.218 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 19869 MB offset 63
01:44:33.218 Disk 0 scanning sectors +40692645
01:44:33.312 Disk 0 scanning C:\WINDOWS\system32\drivers
01:44:42.828 Service scanning
01:45:05.796 Modules scanning
01:45:40.906 Disk 0 trace - called modules:
01:45:40.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
01:45:40.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86afdab8]
01:45:40.953 3 CLASSPNP.SYS[f763f05b] -> nt!IofCallDriver -> \Device\00000070[0x86b81260]
01:45:40.953 5 ACPI.sys[f74d5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86b8c940]
01:45:40.968 Scan finished successfully
01:46:27.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ľuba\Desktop\MBR.dat"
01:46:27.765 The log file has been saved successfully to "C:\Documents and Settings\Ľuba\Desktop\aswMBR.txt"
Run date: 2012-08-21 01:44:21
-----------------------------
01:44:21.281 OS Version: Windows 5.1.2600 Service Pack 2
01:44:21.281 Number of processors: 2 586 0xF0D
01:44:21.281 ComputerName: LUBA UserName: Ľuba
01:44:23.031 Initialize success
01:44:33.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
01:44:33.187 Disk 0 Vendor: Maxtor_2F020L0 VAM51JJ0 Size: 19881MB BusType: 3
01:44:33.187 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
01:44:33.187 Disk 1 Vendor: WDC_WD600BB-75CAA0 16.06V16 Size: 57220MB BusType: 3
01:44:33.218 Disk 0 MBR read successfully
01:44:33.218 Disk 0 MBR scan
01:44:33.218 Disk 0 Windows XP default MBR code
01:44:33.218 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 19869 MB offset 63
01:44:33.218 Disk 0 scanning sectors +40692645
01:44:33.312 Disk 0 scanning C:\WINDOWS\system32\drivers
01:44:42.828 Service scanning
01:45:05.796 Modules scanning
01:45:40.906 Disk 0 trace - called modules:
01:45:40.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
01:45:40.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86afdab8]
01:45:40.953 3 CLASSPNP.SYS[f763f05b] -> nt!IofCallDriver -> \Device\00000070[0x86b81260]
01:45:40.953 5 ACPI.sys[f74d5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86b8c940]
01:45:40.968 Scan finished successfully
01:46:27.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ľuba\Desktop\MBR.dat"
01:46:27.765 The log file has been saved successfully to "C:\Documents and Settings\Ľuba\Desktop\aswMBR.txt"
Re: prosim o kontrolu logu
neviem kde robim chybu, ked som preniesla CFScript.txt na combofix.exe spustilo sa to, ale po chvilke mi vzdy zamrzol pc a musela som ho resetnut
Re: prosim o kontrolu logu
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:53:06, on 21.8.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\EDIMAX\Common\RaUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\My Documents\Downloads\hijackthis (3).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
--
End of file - 8286 bytes
Scan saved at 1:53:06, on 21.8.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\EDIMAX\Common\RaUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ľuba\My Documents\Downloads\hijackthis (3).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... =12&barid={87460D7A-3BAF-11E1-8EE5-001F1FE318CE}
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
--
End of file - 8286 bytes
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu
Zkus to v nouzovém režimu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 77 hostů