HJT kontrola - zpomalený PC

psouk300 · Příspěvekod **psouk300** » 30 zář 2012 22:18

Čau, mám docela dost zasekaný PC, MBAM nic nenašel. Díky.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:42, on 30.9.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Pšouk\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Users\Pšouk\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005&barid={32086A84-000E-11E2-A7B6-F46D046607A3}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O2 - BHO: ADDICT-THING - {CE473620-AC56-1B7F-3476-20EB777BD468} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pšouk\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pšouk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinVNC Service (ThinVNCService) - Cybele Software, Inc. - C:\Program Files (x86)\ThinVNC\ThinVnc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17009 bytes

Reklama

Příspěvekod **Žbeky** » 01 říj 2012 15:57

Odinstaluj:
uTorrentBar Toolbar
Babylon Toolbar
Nero Toolbar
SweetPacks Toolbar for Internet Explorer
Google Toolbar
Dealio Toolbar
Spigot

Fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005&barid={32086A84-000E-11E2-A7B6-F46D046607A3}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O2 - BHO: ADDICT-THING - {CE473620-AC56-1B7F-3476-20EB777BD468} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files (x86)\Dealio Toolbar\IE\6.3\dealioToolbarIE.dll
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pšouk\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pšouk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

psouk300 · Příspěvekod **psouk300** » 01 říj 2012 17:39

ComboFix
ComboFix 12-09-30.03 - Pšouk 01.10.2012 17:26:24.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8173.6076 [GMT 2:00]
Spuštěný z: c:\users\Pšouk\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
c:\windows\SysWow64\tmp953D.tmp
c:\windows\SysWow64\tmp953E.tmp
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-01 do 2012-10-01 )))))))))))))))))))))))))))))))
.
.
2012-09-30 20:04 . 2012-09-30 20:04 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-23 13:30 . 2012-09-23 13:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-09-23 13:18 . 2012-09-23 13:18 286720 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-09-23 13:18 . 2012-09-23 13:18 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-09-23 13:18 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-09-23 13:18 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-09-23 13:18 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-09-23 13:18 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-09-23 13:18 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-09-17 16:42 . 2012-09-17 16:42 -------- d-----w- c:\users\Pšouk\AppData\Local\FLT
2012-09-17 16:42 . 2012-09-17 16:42 -------- d-----w- c:\programdata\Codemasters
2012-09-10 14:37 . 2012-09-10 14:37 -------- d-----w- c:\users\Pšouk\AppData\Roaming\OpenCandy
2012-09-09 13:49 . 2012-09-09 13:49 -------- d-----w- c:\users\Pšouk\AppData\Local\Codemasters
2012-09-08 10:05 . 2012-09-08 10:05 -------- d-----w- c:\users\Pšouk\AppData\Roaming\Ubisoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-01 13:38 . 2011-11-07 17:03 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-01 13:38 . 2011-11-06 19:24 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-01 13:37 . 2011-11-06 19:03 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-30 20:04 . 2012-05-01 15:44 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-21 17:52 . 2012-04-21 06:53 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 17:52 . 2011-11-13 02:04 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-17 16:40 . 2011-11-20 01:04 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-07 15:04 . 2011-11-18 20:55 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 18:07 . 2012-08-30 18:07 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-07-30 11:32 . 2012-07-30 11:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 11:32 . 2012-07-30 11:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-30 18:07 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-06-04 14:12 1310040 ----a-w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-08-30 1734240]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-06-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-04 1353080]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Facebook Update"="c:\users\Pšouk\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-13 138096]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-08-30 947808]
"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-08-30 1022048]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Pšouk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Pšouk\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-12-08 36328]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-11 129976]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2011-12-08 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2011-12-08 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2011-12-08 161280]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2011-12-08 128000]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-12-08 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-07 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-08-30 31080]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-19 279616]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S2 ThinVNCService;ThinVNC Service;c:\program files (x86)\ThinVNC\ThinVnc.exe -svc [x]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-08-30 722528]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2010-10-28 36432]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\SYSTEM32\blank.htm
mStart Page = hxxp://home.sweetim.com/?st=1&crg=3.101 ... 005&barid={32086A84-000E-11E2-A7B6-F46D046607A3}
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.98.231.66 10.98.0.209
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
FF - ProfilePath - c:\users\Pšouk\AppData\Roaming\Mozilla\Firefox\Profiles\rr5qrj7z.default\
FF - prefs.js: browser.startup.homepage - hxxp://isearch.claro-search.com/?affID= ... 6d046607a3
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =616163&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.claro.id - 6cb379e0000000000000f46d046607a3
FF - user.js: extensions.claro.instlDay - 15574
FF - user.js: extensions.claro.vrsn - 1.6.4.1
FF - user.js: extensions.claro.vrsni - 1.6.4.1
FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.122:23
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - iclaro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Clownfish - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3224453168-2168799-1383361859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-3224453168-2168799-1383361859-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-10-01 17:34:48
ComboFix-quarantined-files.txt 2012-10-01 15:34
.
Před spuštěním: Volných bajtů: 30 819 418 112
Po spuštění: Volných bajtů: 31 795 384 320
.
- - End Of File - - C742DAD2B4F88594599DA843BDC7C4C6

psouk300 · Příspěvekod **psouk300** » 01 říj 2012 17:42

TDSSKiller 1. část
17:12:44.0620 5712 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:12:44.0824 5712 ============================================================
17:12:44.0824 5712 Current date / time: 2012/10/01 17:12:44.0824
17:12:44.0824 5712 SystemInfo:
17:12:44.0824 5712
17:12:44.0824 5712 OS Version: 6.1.7600 ServicePack: 0.0
17:12:44.0824 5712 Product type: Workstation
17:12:44.0824 5712 ComputerName: PŠOUK-PC
17:12:44.0824 5712 UserName: Pšouk
17:12:44.0824 5712 Windows directory: C:\Windows
17:12:44.0824 5712 System windows directory: C:\Windows
17:12:44.0824 5712 Running under WOW64
17:12:44.0824 5712 Processor architecture: Intel x64
17:12:44.0824 5712 Number of processors: 4
17:12:44.0824 5712 Page size: 0x1000
17:12:44.0824 5712 Boot type: Normal boot
17:12:44.0824 5712 ============================================================
17:12:45.0552 5712 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:45.0570 5712 ============================================================
17:12:45.0570 5712 \Device\Harddisk0\DR0:
17:12:45.0570 5712 MBR partitions:
17:12:45.0570 5712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x27100000
17:12:45.0570 5712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27100800, BlocksNum 0x4D605000
17:12:45.0570 5712 ============================================================
17:12:45.0594 5712 C: <-> \Device\Harddisk0\DR0\Partition1
17:12:45.0632 5712 D: <-> \Device\Harddisk0\DR0\Partition2
17:12:45.0632 5712 ============================================================
17:12:45.0632 5712 Initialize success
17:12:45.0632 5712 ============================================================
17:12:47.0303 6448 ============================================================
17:12:47.0303 6448 Scan started
17:12:47.0303 6448 Mode: Manual;
17:12:47.0303 6448 ============================================================
17:12:48.0319 6448 ================ Scan system memory ========================
17:12:48.0319 6448 System memory - ok
17:12:48.0320 6448 ================ Scan services =============================
17:12:48.0429 6448 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:12:48.0431 6448 1394ohci - ok
17:12:48.0476 6448 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:12:48.0478 6448 acedrv11 - ok
17:12:48.0487 6448 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:12:48.0489 6448 ACPI - ok
17:12:48.0512 6448 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:12:48.0513 6448 AcpiPmi - ok
17:12:48.0623 6448 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:12:48.0625 6448 AdobeFlashPlayerUpdateSvc - ok
17:12:48.0637 6448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:12:48.0641 6448 adp94xx - ok
17:12:48.0667 6448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:12:48.0670 6448 adpahci - ok
17:12:48.0688 6448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:12:48.0691 6448 adpu320 - ok
17:12:48.0709 6448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:12:48.0710 6448 AeLookupSvc - ok
17:12:48.0745 6448 [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD C:\Windows\system32\drivers\afd.sys
17:12:48.0749 6448 AFD - ok
17:12:48.0758 6448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:12:48.0759 6448 agp440 - ok
17:12:48.0772 6448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:12:48.0773 6448 ALG - ok
17:12:48.0781 6448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:12:48.0781 6448 aliide - ok
17:12:48.0784 6448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:12:48.0785 6448 amdide - ok
17:12:48.0794 6448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:12:48.0796 6448 AmdK8 - ok
17:12:48.0804 6448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:12:48.0805 6448 AmdPPM - ok
17:12:48.0834 6448 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:12:48.0836 6448 amdsata - ok
17:12:48.0848 6448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:12:48.0850 6448 amdsbs - ok
17:12:48.0852 6448 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:12:48.0852 6448 amdxata - ok
17:12:48.0876 6448 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
17:12:48.0877 6448 androidusb - ok
17:12:48.0892 6448 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:12:48.0893 6448 AppID - ok
17:12:48.0900 6448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:12:48.0900 6448 AppIDSvc - ok
17:12:48.0923 6448 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:12:48.0924 6448 Appinfo - ok
17:12:48.0938 6448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:12:48.0939 6448 arc - ok
17:12:48.0957 6448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:12:48.0958 6448 arcsas - ok
17:12:49.0002 6448 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
17:12:49.0004 6448 asmthub3 - ok
17:12:49.0030 6448 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
17:12:49.0034 6448 asmtxhci - ok
17:12:49.0050 6448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:12:49.0051 6448 AsyncMac - ok
17:12:49.0058 6448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:12:49.0058 6448 atapi - ok
17:12:49.0088 6448 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:12:49.0094 6448 AudioEndpointBuilder - ok
17:12:49.0100 6448 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:12:49.0103 6448 AudioSrv - ok
17:12:49.0231 6448 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:12:49.0299 6448 AVGIDSAgent - ok
17:12:49.0328 6448 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:12:49.0330 6448 AVGIDSDriver - ok
17:12:49.0338 6448 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:12:49.0339 6448 AVGIDSFilter - ok
17:12:49.0354 6448 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:12:49.0355 6448 AVGIDSHA - ok
17:12:49.0369 6448 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:12:49.0372 6448 Avgldx64 - ok
17:12:49.0389 6448 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:12:49.0390 6448 Avgmfx64 - ok
17:12:49.0419 6448 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:12:49.0419 6448 Avgrkx64 - ok
17:12:49.0428 6448 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:12:49.0431 6448 Avgtdia - ok
17:12:49.0449 6448 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:12:49.0450 6448 avgtp - ok
17:12:49.0467 6448 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:12:49.0468 6448 avgwd - ok
17:12:49.0478 6448 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:12:49.0480 6448 AxInstSV - ok
17:12:49.0503 6448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:12:49.0507 6448 b06bdrv - ok
17:12:49.0541 6448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:12:49.0544 6448 b57nd60a - ok
17:12:49.0578 6448 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:12:49.0580 6448 BBSvc - ok
17:12:49.0597 6448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:12:49.0598 6448 BDESVC - ok
17:12:49.0612 6448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:12:49.0613 6448 Beep - ok
17:12:49.0639 6448 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:12:49.0645 6448 BFE - ok
17:12:49.0682 6448 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:12:49.0689 6448 BITS - ok
17:12:49.0692 6448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:12:49.0693 6448 blbdrive - ok
17:12:49.0719 6448 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:12:49.0720 6448 bowser - ok
17:12:49.0736 6448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:12:49.0737 6448 BrFiltLo - ok
17:12:49.0742 6448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:12:49.0743 6448 BrFiltUp - ok
17:12:49.0752 6448 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:12:49.0753 6448 BridgeMP - ok
17:12:49.0768 6448 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
17:12:49.0770 6448 Browser - ok
17:12:49.0786 6448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:12:49.0853 6448 Brserid - ok
17:12:49.0864 6448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:12:49.0884 6448 BrSerWdm - ok
17:12:49.0942 6448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:12:49.0995 6448 BrUsbMdm - ok
17:12:50.0033 6448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:12:50.0034 6448 BrUsbSer - ok
17:12:50.0045 6448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:12:50.0047 6448 BTHMODEM - ok
17:12:50.0051 6448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:12:50.0052 6448 bthserv - ok
17:12:50.0063 6448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:12:50.0064 6448 cdfs - ok
17:12:50.0075 6448 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:12:50.0077 6448 cdrom - ok
17:12:50.0097 6448 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:12:50.0098 6448 CertPropSvc - ok
17:12:50.0108 6448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:12:50.0109 6448 circlass - ok
17:12:50.0125 6448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:12:50.0128 6448 CLFS - ok
17:12:50.0192 6448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:12:50.0193 6448 clr_optimization_v2.0.50727_32 - ok
17:12:50.0236 6448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:12:50.0238 6448 clr_optimization_v2.0.50727_64 - ok
17:12:50.0307 6448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:12:50.0308 6448 clr_optimization_v4.0.30319_32 - ok
17:12:50.0339 6448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:12:50.0340 6448 clr_optimization_v4.0.30319_64 - ok
17:12:50.0347 6448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:12:50.0348 6448 CmBatt - ok
17:12:50.0350 6448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:12:50.0351 6448 cmdide - ok
17:12:50.0365 6448 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:12:50.0369 6448 CNG - ok
17:12:50.0377 6448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:12:50.0378 6448 Compbatt - ok
17:12:50.0384 6448 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:12:50.0385 6448 CompositeBus - ok
17:12:50.0386 6448 COMSysApp - ok
17:12:50.0418 6448 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
17:12:50.0419 6448 cpuz135 - ok
17:12:50.0424 6448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:12:50.0425 6448 crcdisk - ok
17:12:50.0450 6448 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:12:50.0452 6448 CryptSvc - ok
17:12:50.0480 6448 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:12:50.0485 6448 DcomLaunch - ok
17:12:50.0494 6448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:12:50.0497 6448 defragsvc - ok
17:12:50.0520 6448 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
17:12:50.0521 6448 dfmirage - ok
17:12:50.0538 6448 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:12:50.0539 6448 DfsC - ok
17:12:50.0558 6448 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:12:50.0560 6448 dg_ssudbus - ok
17:12:50.0583 6448 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:12:50.0586 6448 Dhcp - ok
17:12:50.0614 6448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:12:50.0615 6448 discache - ok
17:12:50.0626 6448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:12:50.0627 6448 Disk - ok
17:12:50.0650 6448 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:12:50.0652 6448 Dnscache - ok
17:12:50.0678 6448 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:12:50.0680 6448 dot3svc - ok
17:12:50.0708 6448 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:12:50.0711 6448 DPS - ok
17:12:50.0739 6448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:12:50.0740 6448 drmkaud - ok
17:12:50.0773 6448 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:12:50.0775 6448 dtsoftbus01 - ok
17:12:50.0810 6448 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:12:50.0818 6448 DXGKrnl - ok
17:12:50.0841 6448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:12:50.0842 6448 EapHost - ok
17:12:50.0888 6448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:12:50.0927 6448 ebdrv - ok
17:12:50.0953 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
17:12:50.0954 6448 EFS - ok
17:12:51.0011 6448 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:12:51.0017 6448 ehRecvr - ok
17:12:51.0042 6448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:12:51.0044 6448 ehSched - ok
17:12:51.0061 6448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:12:51.0065 6448 elxstor - ok
17:12:51.0078 6448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:12:51.0079 6448 ErrDev - ok
17:12:51.0099 6448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:12:51.0102 6448 EventSystem - ok
17:12:51.0120 6448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:12:51.0122 6448 exfat - ok
17:12:51.0134 6448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:12:51.0137 6448 fastfat - ok
17:12:51.0164 6448 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:12:51.0170 6448 Fax - ok
17:12:51.0178 6448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:12:51.0179 6448 fdc - ok
17:12:51.0189 6448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:12:51.0190 6448 fdPHost - ok
17:12:51.0201 6448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:12:51.0202 6448 FDResPub - ok
17:12:51.0207 6448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:12:51.0208 6448 FileInfo - ok
17:12:51.0217 6448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:12:51.0218 6448 Filetrace - ok
17:12:51.0227 6448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:12:51.0229 6448 flpydisk - ok
17:12:51.0238 6448 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:12:51.0240 6448 FltMgr - ok
17:12:51.0261 6448 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
17:12:51.0270 6448 FontCache - ok
17:12:51.0309 6448 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:12:51.0310 6448 FontCache3.0.0.0 - ok
17:12:51.0329 6448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:12:51.0330 6448 FsDepends - ok
17:12:51.0362 6448 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:12:51.0363 6448 fssfltr - ok
17:12:51.0370 6448 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:12:51.0370 6448 Fs_Rec - ok
17:12:51.0400 6448 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:12:51.0402 6448 fvevol - ok
17:12:51.0416 6448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:12:51.0418 6448 gagp30kx - ok
17:12:51.0433 6448 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:12:51.0439 6448 gpsvc - ok
17:12:51.0444 6448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:12:51.0445 6448 hcw85cir - ok
17:12:51.0474 6448 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:12:51.0477 6448 HdAudAddService - ok
17:12:51.0493 6448 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:12:51.0494 6448 HDAudBus - ok
17:12:51.0502 6448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:12:51.0503 6448 HidBatt - ok
17:12:51.0512 6448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:12:51.0514 6448 HidBth - ok
17:12:51.0527 6448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:12:51.0528 6448 HidIr - ok
17:12:51.0533 6448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:12:51.0535 6448 hidserv - ok
17:12:51.0560 6448 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:12:51.0561 6448 HidUsb - ok
17:12:51.0588 6448 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:12:51.0589 6448 hkmsvc - ok
17:12:51.0593 6448 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:12:51.0595 6448 HomeGroupListener - ok
17:12:51.0618 6448 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:12:51.0620 6448 HomeGroupProvider - ok
17:12:51.0626 6448 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:12:51.0627 6448 HpSAMD - ok
17:12:51.0650 6448 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:12:51.0656 6448 HTTP - ok
17:12:51.0665 6448 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:12:51.0666 6448 hwpolicy - ok
17:12:51.0699 6448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:12:51.0700 6448 i8042prt - ok
17:12:51.0741 6448 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:12:51.0743 6448 Suspicious file (Forged): C:\Windows\system32\DRIVERS\iaStor.sys. Real md5: 26CF4275034214ECEDD8EC17B0A18A99, Fake md5: D08C2FDE804FE39B3842DB7E70DEBE3A
17:12:51.0744 6448 iaStor ( ForgedFile.Multi.Generic ) - warning
17:12:51.0744 6448 iaStor - detected ForgedFile.Multi.Generic (1)
17:12:51.0753 6448 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:12:51.0757 6448 iaStorV - ok
17:12:51.0787 6448 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:12:51.0793 6448 idsvc - ok
17:12:51.0806 6448 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:12:51.0808 6448 iirsp - ok
17:12:51.0832 6448 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:12:51.0839 6448 IKEEXT - ok
17:12:51.0908 6448 [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:12:51.0939 6448 IntcAzAudAddService - ok
17:12:51.0941 6448 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:12:51.0942 6448 intelide - ok
17:12:51.0955 6448 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:12:51.0956 6448 intelppm - ok
17:12:51.0968 6448 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:12:51.0970 6448 IPBusEnum - ok
17:12:51.0979 6448 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:12:51.0980 6448 IpFilterDriver - ok
17:12:51.0995 6448 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:12:51.0999 6448 iphlpsvc - ok
17:12:52.0006 6448 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:12:52.0007 6448 IPMIDRV - ok
17:12:52.0023 6448 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:12:52.0024 6448 IPNAT - ok
17:12:52.0026 6448 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:12:52.0027 6448 IRENUM - ok
17:12:52.0036 6448 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:12:52.0037 6448 isapnp - ok
17:12:52.0059 6448 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:12:52.0061 6448 iScsiPrt - ok
17:12:52.0071 6448 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:12:52.0072 6448 kbdclass - ok
17:12:52.0083 6448 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:12:52.0085 6448 kbdhid - ok
17:12:52.0094 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
17:12:52.0095 6448 KeyIso - ok
17:12:52.0114 6448 KMService - ok
17:12:52.0123 6448 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:12:52.0124 6448 KSecDD - ok
17:12:52.0147 6448 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:12:52.0149 6448 KSecPkg - ok
17:12:52.0156 6448 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:12:52.0158 6448 ksthunk - ok
17:12:52.0182 6448 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:12:52.0185 6448 KtmRm - ok
17:12:52.0215 6448 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:12:52.0218 6448 LanmanServer - ok
17:12:52.0245 6448 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:12:52.0247 6448 LanmanWorkstation - ok
17:12:52.0268 6448 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:12:52.0269 6448 lltdio - ok
17:12:52.0279 6448 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:12:52.0282 6448 lltdsvc - ok
17:12:52.0290 6448 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:12:52.0291 6448 lmhosts - ok
17:12:52.0303 6448 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:12:52.0305 6448 LSI_FC - ok
17:12:52.0311 6448 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:12:52.0312 6448 LSI_SAS - ok
17:12:52.0325 6448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:12:52.0326 6448 LSI_SAS2 - ok
17:12:52.0338 6448 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:12:52.0340 6448 LSI_SCSI - ok
17:12:52.0349 6448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:12:52.0350 6448 luafv - ok
17:12:52.0367 6448 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:12:52.0368 6448 LVPr2M64 - ok
17:12:52.0379 6448 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:12:52.0380 6448 LVPr2Mon - ok
17:12:52.0421 6448 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
17:12:52.0422 6448 LVPrcS64 - ok
17:12:52.0446 6448 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:12:52.0448 6448 Mcx2Svc - ok
17:12:52.0459 6448 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:12:52.0460 6448 megasas - ok
17:12:52.0473 6448 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:12:52.0476 6448 MegaSR - ok
17:12:52.0502 6448 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:12:52.0504 6448 MEIx64 - ok
17:12:52.0543 6448 Microsoft SharePoint Workspace Audit Service - ok
17:12:52.0564 6448 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:12:52.0566 6448 MMCSS - ok
17:12:52.0573 6448 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:12:52.0574 6448 Modem - ok
17:12:52.0586 6448 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:12:52.0587 6448 monitor - ok
17:12:52.0591 6448 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:12:52.0592 6448 mouclass - ok
17:12:52.0597 6448 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:12:52.0598 6448 mouhid - ok
17:12:52.0608 6448 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:12:52.0609 6448 mountmgr - ok
17:12:52.0654 6448 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:12:52.0655 6448 MozillaMaintenance - ok
17:12:52.0682 6448 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:12:52.0683 6448 mpio - ok
17:12:52.0693 6448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:12:52.0702 6448 mpsdrv - ok
17:12:52.0739 6448 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:12:52.0758 6448 MpsSvc - ok
17:12:52.0779 6448 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:12:52.0783 6448 MRxDAV - ok
17:12:52.0812 6448 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:12:52.0815 6448 mrxsmb - ok
17:12:52.0828 6448 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:12:52.0832 6448 mrxsmb10 - ok
17:12:52.0846 6448 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:12:52.0848 6448 mrxsmb20 - ok
17:12:52.0855 6448 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:12:52.0856 6448 msahci - ok
17:12:52.0865 6448 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:12:52.0867 6448 msdsm - ok
17:12:52.0889 6448 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:12:52.0891 6448 MSDTC - ok
17:12:52.0904 6448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:12:52.0905 6448 Msfs - ok
17:12:52.0914 6448 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:12:52.0915 6448 mshidkmdf - ok
17:12:52.0927 6448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:12:52.0927 6448 msisadrv - ok
17:12:52.0953 6448 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:12:52.0955 6448 MSiSCSI - ok
17:12:52.0957 6448 msiserver - ok
17:12:52.0976 6448 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:12:52.0977 6448 MSKSSRV - ok
17:12:52.0996 6448 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:12:52.0997 6448 MSPCLOCK - ok
17:12:53.0013 6448 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:12:53.0014 6448 MSPQM - ok
17:12:53.0028 6448 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:12:53.0031 6448 MsRPC - ok
17:12:53.0034 6448 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:12:53.0034 6448 mssmbios - ok
17:12:53.0044 6448 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:12:53.0045 6448 MSTEE - ok
17:12:53.0057 6448 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:12:53.0058 6448 MTConfig - ok
17:12:53.0065 6448 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:12:53.0066 6448 Mup - ok
17:12:53.0090 6448 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:12:53.0094 6448 napagent - ok
17:12:53.0105 6448 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:12:53.0108 6448 NativeWifiP - ok
17:12:53.0186 6448 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
17:12:53.0192 6448 NBService - ok
17:12:53.0222 6448 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:12:53.0229 6448 NDIS - ok
17:12:53.0240 6448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:12:53.0241 6448 NdisCap - ok
17:12:53.0260 6448 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:12:53.0261 6448 NdisTapi - ok
17:12:53.0282 6448 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:12:53.0283 6448 Ndisuio - ok
17:12:53.0295 6448 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:12:53.0297 6448 NdisWan - ok
17:12:53.0306 6448 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:12:53.0307 6448 NDProxy - ok
17:12:53.0314 6448 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:12:53.0315 6448 NetBIOS - ok
17:12:53.0319 6448 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:12:53.0321 6448 NetBT - ok
17:12:53.0323 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
17:12:53.0324 6448 Netlogon - ok
17:12:53.0356 6448 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:12:53.0360 6448 Netman - ok
17:12:53.0373 6448 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:12:53.0377 6448 netprofm - ok
17:12:53.0403 6448 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:12:53.0404 6448 NetTcpPortSharing - ok
17:12:53.0412 6448 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:12:53.0413 6448 nfrd960 - ok
17:12:53.0422 6448 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:12:53.0425 6448 NlaSvc - ok
17:12:53.0502 6448 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
17:12:53.0506 6448 NMIndexingService - ok
17:12:53.0510 6448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:12:53.0511 6448 Npfs - ok
17:12:53.0531 6448 npggsvc - ok
17:12:53.0533 6448 NPPTNT2 - ok
17:12:53.0557 6448 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:12:53.0558 6448 nsi - ok
17:12:53.0568 6448 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:12:53.0569 6448 nsiproxy - ok
17:12:53.0611 6448 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:12:53.0623 6448 Ntfs - ok
17:12:53.0630 6448 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:12:53.0631 6448 Null - ok
17:12:53.0648 6448 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:12:53.0650 6448 NVHDA - ok
17:12:53.0827 6448 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:12:54.0005 6448 nvlddmkm - ok
17:12:54.0044 6448 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:12:54.0046 6448 nvraid - ok
17:12:54.0055 6448 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:12:54.0057 6448 nvstor - ok
17:12:54.0107 6448 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
17:12:54.0114 6448 NVSvc - ok
17:12:54.0172 6448 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:12:54.0201 6448 nvUpdatusService - ok
17:12:54.0222 6448 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:12:54.0224 6448 nv_agp - ok
17:12:54.0235 6448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:12:54.0236 6448 ohci1394 - ok
17:12:54.0306 6448 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:12:54.0307 6448 ose - ok
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan global ===============================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan MBR ==================================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan VBR ==================================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ============================================================
17:12:54.0317 6448 Scan finished
17:12:54.0317 6448 ============================================================
17:12:54.0321 7940 Detected object count: 1
17:12:54.0321 7940 Actual detected object count: 1
17:13:01.0895 7940 iaStor ( ForgedFile.Multi.Generic ) - skipped by user
17:13:01.0895 7940 iaStor ( ForgedFile.Multi.Generic ) - User select action: Skip
17:13:13.0118 4832 ============================================================
17:13:13.0118 4832 Scan started
17:13:13.0118 4832 Mode: Manual;
17:13:13.0118 4832 ============================================================
17:13:14.0038 4832 ================ Scan system memory ========================
17:13:14.0038 4832 System memory - ok
17:13:14.0039 4832 ================ Scan services =============================
17:13:14.0155 4832 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:13:14.0157 4832 1394ohci - ok
17:13:14.0185 4832 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:13:14.0185 4832 acedrv11 - ok
17:13:14.0195 4832 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:13:14.0196 4832 ACPI - ok
17:13:14.0204 4832 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:13:14.0204 4832 AcpiPmi - ok
17:13:14.0290 4832 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:13:14.0291 4832 AdobeFlashPlayerUpdateSvc - ok
17:13:14.0304 4832 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:13:14.0306 4832 adp94xx - ok
17:13:14.0317 4832 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:13:14.0318 4832 adpahci - ok
17:13:14.0330 4832 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:13:14.0331 4832 adpu320 - ok
17:13:14.0351 4832 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:13:14.0352 4832 AeLookupSvc - ok
17:13:14.0379 4832 [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD C:\Windows\system32\drivers\afd.sys
17:13:14.0383 4832 AFD - ok
17:13:14.0391 4832 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:13:14.0392 4832 agp440 - ok
17:13:14.0405 4832 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:13:14.0407 4832 ALG - ok
17:13:14.0414 4832 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:13:14.0414 4832 aliide - ok
17:13:14.0417 4832 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:13:14.0418 4832 amdide - ok
17:13:14.0428 4832 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:13:14.0428 4832 AmdK8 - ok
17:13:14.0437 4832 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:13:14.0438 4832 AmdPPM - ok
17:13:14.0459 4832 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:13:14.0460 4832 amdsata - ok
17:13:14.0473 4832 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:13:14.0474 4832 amdsbs - ok
17:13:14.0487 4832 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:13:14.0487 4832 amdxata - ok
17:13:14.0510 4832 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
17:13:14.0510 4832 androidusb - ok
17:13:14.0517 4832 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:13:14.0518 4832 AppID - ok
17:13:14.0525 4832 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:13:14.0525 4832 AppIDSvc - ok
17:13:14.0548 4832 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:13:14.0548 4832 Appinfo - ok
17:13:14.0563 4832 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:13:14.0563 4832 arc - ok
17:13:14.0582 4832 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:13:14.0582 4832 arcsas - ok
17:13:14.0611 4832 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
17:13:14.0611 4832 asmthub3 - ok
17:13:14.0639 4832 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
17:13:14.0640 4832 asmtxhci - ok
17:13:14.0650 4832 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:13:14.0651 4832 AsyncMac - ok
17:13:14.0658 4832 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:13:14.0658 4832 atapi - ok
17:13:14.0671 4832 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:13:14.0673 4832 AudioEndpointBuilder - ok
17:13:14.0679 4832 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:13:14.0681 4832 AudioSrv - ok
17:13:14.0830 4832 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:13:14.0847 4832 AVGIDSAgent - ok
17:13:14.0870 4832 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:13:14.0871 4832 AVGIDSDriver - ok
17:13:14.0880 4832 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:13:14.0881 4832 AVGIDSFilter - ok
17:13:14.0896 4832 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:13:14.0896 4832 AVGIDSHA - ok
17:13:14.0911 4832 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:13:14.0912 4832 Avgldx64 - ok
17:13:14.0939 4832 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:13:14.0940 4832 Avgmfx64 - ok
17:13:14.0960 4832 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:13:14.0961 4832 Avgrkx64 - ok
17:13:14.0979 4832 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:13:14.0980 4832 Avgtdia - ok
17:13:14.0989 4832 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:13:14.0990 4832 avgtp - ok
17:13:15.0010 4832 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:13:15.0012 4832 avgwd - ok
17:13:15.0021 4832 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:13:15.0022 4832 AxInstSV - ok
17:13:15.0055 4832 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:13:15.0058 4832 b06bdrv - ok
17:13:15.0076 4832 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:13:15.0078 4832 b57nd60a - ok
17:13:15.0113 4832 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:13:15.0114 4832 BBSvc - ok
17:13:15.0122 4832 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:13:15.0124 4832 BDESVC - ok
17:13:15.0137 4832 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:13:15.0138 4832 Beep - ok
17:13:15.0174 4832 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:13:15.0180 4832 BFE - ok
17:13:15.0225 4832 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:13:15.0233 4832 BITS - ok
17:13:15.0248 4832 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:13:15.0249 4832 blbdrive - ok
17:13:15.0277 4832 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:13:15.0278 4832 bowser - ok
17:13:15.0285 4832 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:13:15.0286 4832 BrFiltLo - ok
17:13:15.0291 4832 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:13:15.0292 4832 BrFiltUp - ok
17:13:15.0301 4832 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:13:15.0302 4832 BridgeMP - ok
17:13:15.0309 4832 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
17:13:15.0310 4832 Browser - ok
17:13:15.0327 4832 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:13:15.0328 4832 Brserid - ok
17:13:15.0338 4832 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:13:15.0339 4832 BrSerWdm - ok
17:13:15.0349 4832 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:13:15.0349 4832 BrUsbMdm - ok
17:13:15.0357 4832 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:13:15.0358 4832 BrUsbSer - ok
17:13:15.0369 4832 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:13:15.0370 4832 BTHMODEM - ok
17:13:15.0373 4832 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:13:15.0374 4832 bthserv - ok
17:13:15.0387 4832 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:13:15.0388 4832 cdfs - ok
17:13:15.0399 4832 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:13:15.0400 4832 cdrom - ok
17:13:15.0404 4832 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:13:15.0405 4832 CertPropSvc - ok
17:13:15.0415 4832 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:13:15.0416 4832 circlass - ok
17:13:15.0425 4832 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:13:15.0426 4832 CLFS - ok
17:13:15.0474 4832 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:13:15.0476 4832 clr_optimization_v2.0.50727_32 - ok
17:13:15.0518 4832 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:13:15.0520 4832 clr_optimization_v2.0.50727_64 - ok
17:13:15.0574 4832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:13:15.0575 4832 clr_optimization_v4.0.30319_32 - ok
17:13:15.0605 4832 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:13:15.0607 4832 clr_optimization_v4.0.30319_64 - ok
17:13:15.0638 4832 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:13:15.0639 4832 CmBatt - ok
17:13:15.0666 4832 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:13:15.0666 4832 cmdide - ok
17:13:15.0710 4832 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:13:15.0714 4832 CNG - ok
17:13:15.0760 4832 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:13:15.0761 4832 Compbatt - ok
17:13:15.0789 4832 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:13:15.0790 4832 CompositeBus - ok
17:13:15.0794 4832 COMSysApp - ok
17:13:15.0806 4832 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
17:13:15.0807 4832 cpuz135 - ok
17:13:15.0824 4832 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:13:15.0824 4832 crcdisk - ok
17:13:15.0850 4832 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:13:15.0852 4832 CryptSvc - ok
17:13:15.0873 4832 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:13:15.0878 4832 DcomLaunch - ok
17:13:15.0885 4832 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:13:15.0886 4832 defragsvc - ok
17:13:15.0894 4832 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
17:13:15.0895 4832 dfmirage - ok
17:13:15.0912 4832 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:13:15.0913 4832 DfsC - ok
17:13:15.0933 4832 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:13:15.0933 4832 dg_ssudbus - ok
17:13:15.0957 4832 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:13:15.0959 4832 Dhcp - ok
17:13:15.0988 4832 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

psouk300 · Příspěvekod **psouk300** » 01 říj 2012 17:42

TDSSKiller 1. část
17:12:44.0620 5712 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:12:44.0824 5712 ============================================================
17:12:44.0824 5712 Current date / time: 2012/10/01 17:12:44.0824
17:12:44.0824 5712 SystemInfo:
17:12:44.0824 5712
17:12:44.0824 5712 OS Version: 6.1.7600 ServicePack: 0.0
17:12:44.0824 5712 Product type: Workstation
17:12:44.0824 5712 ComputerName: PŠOUK-PC
17:12:44.0824 5712 UserName: Pšouk
17:12:44.0824 5712 Windows directory: C:\Windows
17:12:44.0824 5712 System windows directory: C:\Windows
17:12:44.0824 5712 Running under WOW64
17:12:44.0824 5712 Processor architecture: Intel x64
17:12:44.0824 5712 Number of processors: 4
17:12:44.0824 5712 Page size: 0x1000
17:12:44.0824 5712 Boot type: Normal boot
17:12:44.0824 5712 ============================================================
17:12:45.0552 5712 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:45.0570 5712 ============================================================
17:12:45.0570 5712 \Device\Harddisk0\DR0:
17:12:45.0570 5712 MBR partitions:
17:12:45.0570 5712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x27100000
17:12:45.0570 5712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27100800, BlocksNum 0x4D605000
17:12:45.0570 5712 ============================================================
17:12:45.0594 5712 C: <-> \Device\Harddisk0\DR0\Partition1
17:12:45.0632 5712 D: <-> \Device\Harddisk0\DR0\Partition2
17:12:45.0632 5712 ============================================================
17:12:45.0632 5712 Initialize success
17:12:45.0632 5712 ============================================================
17:12:47.0303 6448 ============================================================
17:12:47.0303 6448 Scan started
17:12:47.0303 6448 Mode: Manual;
17:12:47.0303 6448 ============================================================
17:12:48.0319 6448 ================ Scan system memory ========================
17:12:48.0319 6448 System memory - ok
17:12:48.0320 6448 ================ Scan services =============================
17:12:48.0429 6448 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:12:48.0431 6448 1394ohci - ok
17:12:48.0476 6448 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:12:48.0478 6448 acedrv11 - ok
17:12:48.0487 6448 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:12:48.0489 6448 ACPI - ok
17:12:48.0512 6448 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:12:48.0513 6448 AcpiPmi - ok
17:12:48.0623 6448 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:12:48.0625 6448 AdobeFlashPlayerUpdateSvc - ok
17:12:48.0637 6448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:12:48.0641 6448 adp94xx - ok
17:12:48.0667 6448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:12:48.0670 6448 adpahci - ok
17:12:48.0688 6448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:12:48.0691 6448 adpu320 - ok
17:12:48.0709 6448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:12:48.0710 6448 AeLookupSvc - ok
17:12:48.0745 6448 [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD C:\Windows\system32\drivers\afd.sys
17:12:48.0749 6448 AFD - ok
17:12:48.0758 6448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:12:48.0759 6448 agp440 - ok
17:12:48.0772 6448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:12:48.0773 6448 ALG - ok
17:12:48.0781 6448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:12:48.0781 6448 aliide - ok
17:12:48.0784 6448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:12:48.0785 6448 amdide - ok
17:12:48.0794 6448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:12:48.0796 6448 AmdK8 - ok
17:12:48.0804 6448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:12:48.0805 6448 AmdPPM - ok
17:12:48.0834 6448 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:12:48.0836 6448 amdsata - ok
17:12:48.0848 6448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:12:48.0850 6448 amdsbs - ok
17:12:48.0852 6448 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:12:48.0852 6448 amdxata - ok
17:12:48.0876 6448 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
17:12:48.0877 6448 androidusb - ok
17:12:48.0892 6448 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:12:48.0893 6448 AppID - ok
17:12:48.0900 6448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:12:48.0900 6448 AppIDSvc - ok
17:12:48.0923 6448 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:12:48.0924 6448 Appinfo - ok
17:12:48.0938 6448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:12:48.0939 6448 arc - ok
17:12:48.0957 6448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:12:48.0958 6448 arcsas - ok
17:12:49.0002 6448 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
17:12:49.0004 6448 asmthub3 - ok
17:12:49.0030 6448 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
17:12:49.0034 6448 asmtxhci - ok
17:12:49.0050 6448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:12:49.0051 6448 AsyncMac - ok
17:12:49.0058 6448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:12:49.0058 6448 atapi - ok
17:12:49.0088 6448 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:12:49.0094 6448 AudioEndpointBuilder - ok
17:12:49.0100 6448 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:12:49.0103 6448 AudioSrv - ok
17:12:49.0231 6448 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:12:49.0299 6448 AVGIDSAgent - ok
17:12:49.0328 6448 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:12:49.0330 6448 AVGIDSDriver - ok
17:12:49.0338 6448 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:12:49.0339 6448 AVGIDSFilter - ok
17:12:49.0354 6448 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:12:49.0355 6448 AVGIDSHA - ok
17:12:49.0369 6448 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:12:49.0372 6448 Avgldx64 - ok
17:12:49.0389 6448 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:12:49.0390 6448 Avgmfx64 - ok
17:12:49.0419 6448 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:12:49.0419 6448 Avgrkx64 - ok
17:12:49.0428 6448 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:12:49.0431 6448 Avgtdia - ok
17:12:49.0449 6448 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:12:49.0450 6448 avgtp - ok
17:12:49.0467 6448 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:12:49.0468 6448 avgwd - ok
17:12:49.0478 6448 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:12:49.0480 6448 AxInstSV - ok
17:12:49.0503 6448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:12:49.0507 6448 b06bdrv - ok
17:12:49.0541 6448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:12:49.0544 6448 b57nd60a - ok
17:12:49.0578 6448 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:12:49.0580 6448 BBSvc - ok
17:12:49.0597 6448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:12:49.0598 6448 BDESVC - ok
17:12:49.0612 6448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:12:49.0613 6448 Beep - ok
17:12:49.0639 6448 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:12:49.0645 6448 BFE - ok
17:12:49.0682 6448 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:12:49.0689 6448 BITS - ok
17:12:49.0692 6448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:12:49.0693 6448 blbdrive - ok
17:12:49.0719 6448 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:12:49.0720 6448 bowser - ok
17:12:49.0736 6448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:12:49.0737 6448 BrFiltLo - ok
17:12:49.0742 6448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:12:49.0743 6448 BrFiltUp - ok
17:12:49.0752 6448 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:12:49.0753 6448 BridgeMP - ok
17:12:49.0768 6448 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
17:12:49.0770 6448 Browser - ok
17:12:49.0786 6448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:12:49.0853 6448 Brserid - ok
17:12:49.0864 6448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:12:49.0884 6448 BrSerWdm - ok
17:12:49.0942 6448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:12:49.0995 6448 BrUsbMdm - ok
17:12:50.0033 6448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:12:50.0034 6448 BrUsbSer - ok
17:12:50.0045 6448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:12:50.0047 6448 BTHMODEM - ok
17:12:50.0051 6448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:12:50.0052 6448 bthserv - ok
17:12:50.0063 6448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:12:50.0064 6448 cdfs - ok
17:12:50.0075 6448 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:12:50.0077 6448 cdrom - ok
17:12:50.0097 6448 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:12:50.0098 6448 CertPropSvc - ok
17:12:50.0108 6448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:12:50.0109 6448 circlass - ok
17:12:50.0125 6448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:12:50.0128 6448 CLFS - ok
17:12:50.0192 6448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:12:50.0193 6448 clr_optimization_v2.0.50727_32 - ok
17:12:50.0236 6448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:12:50.0238 6448 clr_optimization_v2.0.50727_64 - ok
17:12:50.0307 6448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:12:50.0308 6448 clr_optimization_v4.0.30319_32 - ok
17:12:50.0339 6448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:12:50.0340 6448 clr_optimization_v4.0.30319_64 - ok
17:12:50.0347 6448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:12:50.0348 6448 CmBatt - ok
17:12:50.0350 6448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:12:50.0351 6448 cmdide - ok
17:12:50.0365 6448 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:12:50.0369 6448 CNG - ok
17:12:50.0377 6448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:12:50.0378 6448 Compbatt - ok
17:12:50.0384 6448 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:12:50.0385 6448 CompositeBus - ok
17:12:50.0386 6448 COMSysApp - ok
17:12:50.0418 6448 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
17:12:50.0419 6448 cpuz135 - ok
17:12:50.0424 6448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:12:50.0425 6448 crcdisk - ok
17:12:50.0450 6448 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:12:50.0452 6448 CryptSvc - ok
17:12:50.0480 6448 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:12:50.0485 6448 DcomLaunch - ok
17:12:50.0494 6448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:12:50.0497 6448 defragsvc - ok
17:12:50.0520 6448 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
17:12:50.0521 6448 dfmirage - ok
17:12:50.0538 6448 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:12:50.0539 6448 DfsC - ok
17:12:50.0558 6448 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:12:50.0560 6448 dg_ssudbus - ok
17:12:50.0583 6448 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:12:50.0586 6448 Dhcp - ok
17:12:50.0614 6448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:12:50.0615 6448 discache - ok
17:12:50.0626 6448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:12:50.0627 6448 Disk - ok
17:12:50.0650 6448 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:12:50.0652 6448 Dnscache - ok
17:12:50.0678 6448 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:12:50.0680 6448 dot3svc - ok
17:12:50.0708 6448 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:12:50.0711 6448 DPS - ok
17:12:50.0739 6448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:12:50.0740 6448 drmkaud - ok
17:12:50.0773 6448 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:12:50.0775 6448 dtsoftbus01 - ok
17:12:50.0810 6448 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:12:50.0818 6448 DXGKrnl - ok
17:12:50.0841 6448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:12:50.0842 6448 EapHost - ok
17:12:50.0888 6448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:12:50.0927 6448 ebdrv - ok
17:12:50.0953 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
17:12:50.0954 6448 EFS - ok
17:12:51.0011 6448 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:12:51.0017 6448 ehRecvr - ok
17:12:51.0042 6448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:12:51.0044 6448 ehSched - ok
17:12:51.0061 6448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:12:51.0065 6448 elxstor - ok
17:12:51.0078 6448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:12:51.0079 6448 ErrDev - ok
17:12:51.0099 6448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:12:51.0102 6448 EventSystem - ok
17:12:51.0120 6448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:12:51.0122 6448 exfat - ok
17:12:51.0134 6448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:12:51.0137 6448 fastfat - ok
17:12:51.0164 6448 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:12:51.0170 6448 Fax - ok
17:12:51.0178 6448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:12:51.0179 6448 fdc - ok
17:12:51.0189 6448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:12:51.0190 6448 fdPHost - ok
17:12:51.0201 6448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:12:51.0202 6448 FDResPub - ok
17:12:51.0207 6448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:12:51.0208 6448 FileInfo - ok
17:12:51.0217 6448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:12:51.0218 6448 Filetrace - ok
17:12:51.0227 6448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:12:51.0229 6448 flpydisk - ok
17:12:51.0238 6448 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:12:51.0240 6448 FltMgr - ok
17:12:51.0261 6448 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
17:12:51.0270 6448 FontCache - ok
17:12:51.0309 6448 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:12:51.0310 6448 FontCache3.0.0.0 - ok
17:12:51.0329 6448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:12:51.0330 6448 FsDepends - ok
17:12:51.0362 6448 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:12:51.0363 6448 fssfltr - ok
17:12:51.0370 6448 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:12:51.0370 6448 Fs_Rec - ok
17:12:51.0400 6448 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:12:51.0402 6448 fvevol - ok
17:12:51.0416 6448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:12:51.0418 6448 gagp30kx - ok
17:12:51.0433 6448 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:12:51.0439 6448 gpsvc - ok
17:12:51.0444 6448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:12:51.0445 6448 hcw85cir - ok
17:12:51.0474 6448 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:12:51.0477 6448 HdAudAddService - ok
17:12:51.0493 6448 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:12:51.0494 6448 HDAudBus - ok
17:12:51.0502 6448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:12:51.0503 6448 HidBatt - ok
17:12:51.0512 6448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:12:51.0514 6448 HidBth - ok
17:12:51.0527 6448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:12:51.0528 6448 HidIr - ok
17:12:51.0533 6448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:12:51.0535 6448 hidserv - ok
17:12:51.0560 6448 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:12:51.0561 6448 HidUsb - ok
17:12:51.0588 6448 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:12:51.0589 6448 hkmsvc - ok
17:12:51.0593 6448 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:12:51.0595 6448 HomeGroupListener - ok
17:12:51.0618 6448 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:12:51.0620 6448 HomeGroupProvider - ok
17:12:51.0626 6448 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:12:51.0627 6448 HpSAMD - ok
17:12:51.0650 6448 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:12:51.0656 6448 HTTP - ok
17:12:51.0665 6448 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:12:51.0666 6448 hwpolicy - ok
17:12:51.0699 6448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:12:51.0700 6448 i8042prt - ok
17:12:51.0741 6448 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:12:51.0743 6448 Suspicious file (Forged): C:\Windows\system32\DRIVERS\iaStor.sys. Real md5: 26CF4275034214ECEDD8EC17B0A18A99, Fake md5: D08C2FDE804FE39B3842DB7E70DEBE3A
17:12:51.0744 6448 iaStor ( ForgedFile.Multi.Generic ) - warning
17:12:51.0744 6448 iaStor - detected ForgedFile.Multi.Generic (1)
17:12:51.0753 6448 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:12:51.0757 6448 iaStorV - ok
17:12:51.0787 6448 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:12:51.0793 6448 idsvc - ok
17:12:51.0806 6448 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:12:51.0808 6448 iirsp - ok
17:12:51.0832 6448 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:12:51.0839 6448 IKEEXT - ok
17:12:51.0908 6448 [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:12:51.0939 6448 IntcAzAudAddService - ok
17:12:51.0941 6448 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:12:51.0942 6448 intelide - ok
17:12:51.0955 6448 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:12:51.0956 6448 intelppm - ok
17:12:51.0968 6448 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:12:51.0970 6448 IPBusEnum - ok
17:12:51.0979 6448 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:12:51.0980 6448 IpFilterDriver - ok
17:12:51.0995 6448 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:12:51.0999 6448 iphlpsvc - ok
17:12:52.0006 6448 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:12:52.0007 6448 IPMIDRV - ok
17:12:52.0023 6448 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:12:52.0024 6448 IPNAT - ok
17:12:52.0026 6448 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:12:52.0027 6448 IRENUM - ok
17:12:52.0036 6448 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:12:52.0037 6448 isapnp - ok
17:12:52.0059 6448 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:12:52.0061 6448 iScsiPrt - ok
17:12:52.0071 6448 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:12:52.0072 6448 kbdclass - ok
17:12:52.0083 6448 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:12:52.0085 6448 kbdhid - ok
17:12:52.0094 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
17:12:52.0095 6448 KeyIso - ok
17:12:52.0114 6448 KMService - ok
17:12:52.0123 6448 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:12:52.0124 6448 KSecDD - ok
17:12:52.0147 6448 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:12:52.0149 6448 KSecPkg - ok
17:12:52.0156 6448 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:12:52.0158 6448 ksthunk - ok
17:12:52.0182 6448 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:12:52.0185 6448 KtmRm - ok
17:12:52.0215 6448 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:12:52.0218 6448 LanmanServer - ok
17:12:52.0245 6448 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:12:52.0247 6448 LanmanWorkstation - ok
17:12:52.0268 6448 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:12:52.0269 6448 lltdio - ok
17:12:52.0279 6448 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:12:52.0282 6448 lltdsvc - ok
17:12:52.0290 6448 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:12:52.0291 6448 lmhosts - ok
17:12:52.0303 6448 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:12:52.0305 6448 LSI_FC - ok
17:12:52.0311 6448 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:12:52.0312 6448 LSI_SAS - ok
17:12:52.0325 6448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:12:52.0326 6448 LSI_SAS2 - ok
17:12:52.0338 6448 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:12:52.0340 6448 LSI_SCSI - ok
17:12:52.0349 6448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:12:52.0350 6448 luafv - ok
17:12:52.0367 6448 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:12:52.0368 6448 LVPr2M64 - ok
17:12:52.0379 6448 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:12:52.0380 6448 LVPr2Mon - ok
17:12:52.0421 6448 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
17:12:52.0422 6448 LVPrcS64 - ok
17:12:52.0446 6448 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:12:52.0448 6448 Mcx2Svc - ok
17:12:52.0459 6448 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:12:52.0460 6448 megasas - ok
17:12:52.0473 6448 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:12:52.0476 6448 MegaSR - ok
17:12:52.0502 6448 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:12:52.0504 6448 MEIx64 - ok
17:12:52.0543 6448 Microsoft SharePoint Workspace Audit Service - ok
17:12:52.0564 6448 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:12:52.0566 6448 MMCSS - ok
17:12:52.0573 6448 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:12:52.0574 6448 Modem - ok
17:12:52.0586 6448 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:12:52.0587 6448 monitor - ok
17:12:52.0591 6448 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:12:52.0592 6448 mouclass - ok
17:12:52.0597 6448 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:12:52.0598 6448 mouhid - ok
17:12:52.0608 6448 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:12:52.0609 6448 mountmgr - ok
17:12:52.0654 6448 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:12:52.0655 6448 MozillaMaintenance - ok
17:12:52.0682 6448 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:12:52.0683 6448 mpio - ok
17:12:52.0693 6448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:12:52.0702 6448 mpsdrv - ok
17:12:52.0739 6448 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:12:52.0758 6448 MpsSvc - ok
17:12:52.0779 6448 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:12:52.0783 6448 MRxDAV - ok
17:12:52.0812 6448 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:12:52.0815 6448 mrxsmb - ok
17:12:52.0828 6448 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:12:52.0832 6448 mrxsmb10 - ok
17:12:52.0846 6448 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:12:52.0848 6448 mrxsmb20 - ok
17:12:52.0855 6448 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:12:52.0856 6448 msahci - ok
17:12:52.0865 6448 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:12:52.0867 6448 msdsm - ok
17:12:52.0889 6448 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:12:52.0891 6448 MSDTC - ok
17:12:52.0904 6448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:12:52.0905 6448 Msfs - ok
17:12:52.0914 6448 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:12:52.0915 6448 mshidkmdf - ok
17:12:52.0927 6448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:12:52.0927 6448 msisadrv - ok
17:12:52.0953 6448 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:12:52.0955 6448 MSiSCSI - ok
17:12:52.0957 6448 msiserver - ok
17:12:52.0976 6448 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:12:52.0977 6448 MSKSSRV - ok
17:12:52.0996 6448 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:12:52.0997 6448 MSPCLOCK - ok
17:12:53.0013 6448 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:12:53.0014 6448 MSPQM - ok
17:12:53.0028 6448 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:12:53.0031 6448 MsRPC - ok
17:12:53.0034 6448 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:12:53.0034 6448 mssmbios - ok
17:12:53.0044 6448 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:12:53.0045 6448 MSTEE - ok
17:12:53.0057 6448 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:12:53.0058 6448 MTConfig - ok
17:12:53.0065 6448 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:12:53.0066 6448 Mup - ok
17:12:53.0090 6448 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:12:53.0094 6448 napagent - ok
17:12:53.0105 6448 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:12:53.0108 6448 NativeWifiP - ok
17:12:53.0186 6448 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
17:12:53.0192 6448 NBService - ok
17:12:53.0222 6448 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:12:53.0229 6448 NDIS - ok
17:12:53.0240 6448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:12:53.0241 6448 NdisCap - ok
17:12:53.0260 6448 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:12:53.0261 6448 NdisTapi - ok
17:12:53.0282 6448 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:12:53.0283 6448 Ndisuio - ok
17:12:53.0295 6448 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:12:53.0297 6448 NdisWan - ok
17:12:53.0306 6448 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:12:53.0307 6448 NDProxy - ok
17:12:53.0314 6448 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:12:53.0315 6448 NetBIOS - ok
17:12:53.0319 6448 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:12:53.0321 6448 NetBT - ok
17:12:53.0323 6448 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
17:12:53.0324 6448 Netlogon - ok
17:12:53.0356 6448 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:12:53.0360 6448 Netman - ok
17:12:53.0373 6448 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:12:53.0377 6448 netprofm - ok
17:12:53.0403 6448 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:12:53.0404 6448 NetTcpPortSharing - ok
17:12:53.0412 6448 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:12:53.0413 6448 nfrd960 - ok
17:12:53.0422 6448 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:12:53.0425 6448 NlaSvc - ok
17:12:53.0502 6448 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
17:12:53.0506 6448 NMIndexingService - ok
17:12:53.0510 6448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:12:53.0511 6448 Npfs - ok
17:12:53.0531 6448 npggsvc - ok
17:12:53.0533 6448 NPPTNT2 - ok
17:12:53.0557 6448 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:12:53.0558 6448 nsi - ok
17:12:53.0568 6448 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:12:53.0569 6448 nsiproxy - ok
17:12:53.0611 6448 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:12:53.0623 6448 Ntfs - ok
17:12:53.0630 6448 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:12:53.0631 6448 Null - ok
17:12:53.0648 6448 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:12:53.0650 6448 NVHDA - ok
17:12:53.0827 6448 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:12:54.0005 6448 nvlddmkm - ok
17:12:54.0044 6448 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:12:54.0046 6448 nvraid - ok
17:12:54.0055 6448 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:12:54.0057 6448 nvstor - ok
17:12:54.0107 6448 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
17:12:54.0114 6448 NVSvc - ok
17:12:54.0172 6448 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:12:54.0201 6448 nvUpdatusService - ok
17:12:54.0222 6448 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:12:54.0224 6448 nv_agp - ok
17:12:54.0235 6448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:12:54.0236 6448 ohci1394 - ok
17:12:54.0306 6448 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:12:54.0307 6448 ose - ok
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan global ===============================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan MBR ==================================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ================ Scan VBR ==================================
17:12:54.0317 6448 Scan interrupted by user!
17:12:54.0317 6448 ============================================================
17:12:54.0317 6448 Scan finished
17:12:54.0317 6448 ============================================================
17:12:54.0321 7940 Detected object count: 1
17:12:54.0321 7940 Actual detected object count: 1
17:13:01.0895 7940 iaStor ( ForgedFile.Multi.Generic ) - skipped by user
17:13:01.0895 7940 iaStor ( ForgedFile.Multi.Generic ) - User select action: Skip
17:13:13.0118 4832 ============================================================
17:13:13.0118 4832 Scan started
17:13:13.0118 4832 Mode: Manual;
17:13:13.0118 4832 ============================================================
17:13:14.0038 4832 ================ Scan system memory ========================
17:13:14.0038 4832 System memory - ok
17:13:14.0039 4832 ================ Scan services =============================
17:13:14.0155 4832 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:13:14.0157 4832 1394ohci - ok
17:13:14.0185 4832 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:13:14.0185 4832 acedrv11 - ok
17:13:14.0195 4832 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:13:14.0196 4832 ACPI - ok
17:13:14.0204 4832 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:13:14.0204 4832 AcpiPmi - ok
17:13:14.0290 4832 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:13:14.0291 4832 AdobeFlashPlayerUpdateSvc - ok
17:13:14.0304 4832 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:13:14.0306 4832 adp94xx - ok
17:13:14.0317 4832 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:13:14.0318 4832 adpahci - ok
17:13:14.0330 4832 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:13:14.0331 4832 adpu320 - ok
17:13:14.0351 4832 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:13:14.0352 4832 AeLookupSvc - ok
17:13:14.0379 4832 [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD C:\Windows\system32\drivers\afd.sys
17:13:14.0383 4832 AFD - ok
17:13:14.0391 4832 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:13:14.0392 4832 agp440 - ok
17:13:14.0405 4832 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:13:14.0407 4832 ALG - ok
17:13:14.0414 4832 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:13:14.0414 4832 aliide - ok
17:13:14.0417 4832 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:13:14.0418 4832 amdide - ok
17:13:14.0428 4832 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:13:14.0428 4832 AmdK8 - ok
17:13:14.0437 4832 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:13:14.0438 4832 AmdPPM - ok
17:13:14.0459 4832 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:13:14.0460 4832 amdsata - ok
17:13:14.0473 4832 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:13:14.0474 4832 amdsbs - ok
17:13:14.0487 4832 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:13:14.0487 4832 amdxata - ok
17:13:14.0510 4832 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
17:13:14.0510 4832 androidusb - ok
17:13:14.0517 4832 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:13:14.0518 4832 AppID - ok
17:13:14.0525 4832 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:13:14.0525 4832 AppIDSvc - ok
17:13:14.0548 4832 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:13:14.0548 4832 Appinfo - ok
17:13:14.0563 4832 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:13:14.0563 4832 arc - ok
17:13:14.0582 4832 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:13:14.0582 4832 arcsas - ok
17:13:14.0611 4832 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
17:13:14.0611 4832 asmthub3 - ok
17:13:14.0639 4832 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
17:13:14.0640 4832 asmtxhci - ok
17:13:14.0650 4832 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:13:14.0651 4832 AsyncMac - ok
17:13:14.0658 4832 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:13:14.0658 4832 atapi - ok
17:13:14.0671 4832 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:13:14.0673 4832 AudioEndpointBuilder - ok
17:13:14.0679 4832 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:13:14.0681 4832 AudioSrv - ok
17:13:14.0830 4832 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:13:14.0847 4832 AVGIDSAgent - ok
17:13:14.0870 4832 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:13:14.0871 4832 AVGIDSDriver - ok
17:13:14.0880 4832 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:13:14.0881 4832 AVGIDSFilter - ok
17:13:14.0896 4832 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:13:14.0896 4832 AVGIDSHA - ok
17:13:14.0911 4832 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:13:14.0912 4832 Avgldx64 - ok
17:13:14.0939 4832 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:13:14.0940 4832 Avgmfx64 - ok
17:13:14.0960 4832 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:13:14.0961 4832 Avgrkx64 - ok
17:13:14.0979 4832 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:13:14.0980 4832 Avgtdia - ok
17:13:14.0989 4832 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:13:14.0990 4832 avgtp - ok
17:13:15.0010 4832 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:13:15.0012 4832 avgwd - ok
17:13:15.0021 4832 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:13:15.0022 4832 AxInstSV - ok
17:13:15.0055 4832 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:13:15.0058 4832 b06bdrv - ok
17:13:15.0076 4832 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:13:15.0078 4832 b57nd60a - ok
17:13:15.0113 4832 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:13:15.0114 4832 BBSvc - ok
17:13:15.0122 4832 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:13:15.0124 4832 BDESVC - ok
17:13:15.0137 4832 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:13:15.0138 4832 Beep - ok
17:13:15.0174 4832 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:13:15.0180 4832 BFE - ok
17:13:15.0225 4832 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:13:15.0233 4832 BITS - ok
17:13:15.0248 4832 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:13:15.0249 4832 blbdrive - ok
17:13:15.0277 4832 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:13:15.0278 4832 bowser - ok
17:13:15.0285 4832 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:13:15.0286 4832 BrFiltLo - ok
17:13:15.0291 4832 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:13:15.0292 4832 BrFiltUp - ok
17:13:15.0301 4832 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:13:15.0302 4832 BridgeMP - ok
17:13:15.0309 4832 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
17:13:15.0310 4832 Browser - ok
17:13:15.0327 4832 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:13:15.0328 4832 Brserid - ok
17:13:15.0338 4832 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:13:15.0339 4832 BrSerWdm - ok
17:13:15.0349 4832 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:13:15.0349 4832 BrUsbMdm - ok
17:13:15.0357 4832 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:13:15.0358 4832 BrUsbSer - ok
17:13:15.0369 4832 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:13:15.0370 4832 BTHMODEM - ok
17:13:15.0373 4832 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:13:15.0374 4832 bthserv - ok
17:13:15.0387 4832 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:13:15.0388 4832 cdfs - ok
17:13:15.0399 4832 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:13:15.0400 4832 cdrom - ok
17:13:15.0404 4832 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:13:15.0405 4832 CertPropSvc - ok
17:13:15.0415 4832 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:13:15.0416 4832 circlass - ok
17:13:15.0425 4832 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:13:15.0426 4832 CLFS - ok
17:13:15.0474 4832 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:13:15.0476 4832 clr_optimization_v2.0.50727_32 - ok
17:13:15.0518 4832 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:13:15.0520 4832 clr_optimization_v2.0.50727_64 - ok
17:13:15.0574 4832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:13:15.0575 4832 clr_optimization_v4.0.30319_32 - ok
17:13:15.0605 4832 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:13:15.0607 4832 clr_optimization_v4.0.30319_64 - ok
17:13:15.0638 4832 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:13:15.0639 4832 CmBatt - ok
17:13:15.0666 4832 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:13:15.0666 4832 cmdide - ok
17:13:15.0710 4832 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:13:15.0714 4832 CNG - ok
17:13:15.0760 4832 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:13:15.0761 4832 Compbatt - ok
17:13:15.0789 4832 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:13:15.0790 4832 CompositeBus - ok
17:13:15.0794 4832 COMSysApp - ok
17:13:15.0806 4832 [ 262969A3FAB32B9E17E63E2D17A57744 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
17:13:15.0807 4832 cpuz135 - ok
17:13:15.0824 4832 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:13:15.0824 4832 crcdisk - ok
17:13:15.0850 4832 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:13:15.0852 4832 CryptSvc - ok
17:13:15.0873 4832 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:13:15.0878 4832 DcomLaunch - ok
17:13:15.0885 4832 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:13:15.0886 4832 defragsvc - ok
17:13:15.0894 4832 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
17:13:15.0895 4832 dfmirage - ok
17:13:15.0912 4832 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:13:15.0913 4832 DfsC - ok
17:13:15.0933 4832 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:13:15.0933 4832 dg_ssudbus - ok
17:13:15.0957 4832 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:13:15.0959 4832 Dhcp - ok
17:13:15.0988 4832 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

psouk300 · Příspěvekod **psouk300** » 01 říj 2012 17:42

TDSSkiller 2.čast
17:13:15.0989 4832 discache - ok
17:13:16.0000 4832 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:13:16.0001 4832 Disk - ok
17:13:16.0024 4832 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:13:16.0025 4832 Dnscache - ok
17:13:16.0035 4832 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:13:16.0037 4832 dot3svc - ok
17:13:16.0057 4832 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:13:16.0058 4832 DPS - ok
17:13:16.0080 4832 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:13:16.0081 4832 drmkaud - ok
17:13:16.0105 4832 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:13:16.0106 4832 dtsoftbus01 - ok
17:13:16.0146 4832 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:13:16.0151 4832 DXGKrnl - ok
17:13:16.0173 4832 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:13:16.0174 4832 EapHost - ok
17:13:16.0221 4832 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:13:16.0231 4832 ebdrv - ok
17:13:16.0252 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
17:13:16.0253 4832 EFS - ok
17:13:16.0313 4832 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:13:16.0318 4832 ehRecvr - ok
17:13:16.0350 4832 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:13:16.0352 4832 ehSched - ok
17:13:16.0368 4832 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:13:16.0370 4832 elxstor - ok
17:13:16.0377 4832 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:13:16.0378 4832 ErrDev - ok
17:13:16.0398 4832 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:13:16.0400 4832 EventSystem - ok
17:13:16.0411 4832 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:13:16.0412 4832 exfat - ok
17:13:16.0425 4832 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:13:16.0426 4832 fastfat - ok
17:13:16.0455 4832 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:13:16.0458 4832 Fax - ok
17:13:16.0469 4832 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:13:16.0469 4832 fdc - ok
17:13:16.0480 4832 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:13:16.0480 4832 fdPHost - ok
17:13:16.0484 4832 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:13:16.0484 4832 FDResPub - ok
17:13:16.0490 4832 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:13:16.0490 4832 FileInfo - ok
17:13:16.0499 4832 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:13:16.0500 4832 Filetrace - ok
17:13:16.0510 4832 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:13:16.0510 4832 flpydisk - ok
17:13:16.0520 4832 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:13:16.0522 4832 FltMgr - ok
17:13:16.0544 4832 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
17:13:16.0548 4832 FontCache - ok
17:13:16.0592 4832 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:13:16.0592 4832 FontCache3.0.0.0 - ok
17:13:16.0611 4832 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:13:16.0612 4832 FsDepends - ok
17:13:16.0628 4832 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:13:16.0628 4832 fssfltr - ok
17:13:16.0636 4832 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:13:16.0636 4832 Fs_Rec - ok
17:13:16.0657 4832 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:13:16.0658 4832 fvevol - ok
17:13:16.0674 4832 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:13:16.0675 4832 gagp30kx - ok
17:13:16.0719 4832 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:13:16.0722 4832 gpsvc - ok
17:13:16.0735 4832 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:13:16.0735 4832 hcw85cir - ok
17:13:16.0764 4832 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:13:16.0766 4832 HdAudAddService - ok
17:13:16.0775 4832 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:13:16.0776 4832 HDAudBus - ok
17:13:16.0784 4832 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:13:16.0785 4832 HidBatt - ok
17:13:16.0795 4832 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:13:16.0795 4832 HidBth - ok
17:13:16.0810 4832 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:13:16.0810 4832 HidIr - ok
17:13:16.0816 4832 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:13:16.0817 4832 hidserv - ok
17:13:16.0843 4832 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:13:16.0843 4832 HidUsb - ok
17:13:16.0870 4832 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:13:16.0871 4832 hkmsvc - ok
17:13:16.0875 4832 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:13:16.0876 4832 HomeGroupListener - ok
17:13:16.0900 4832 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:13:16.0902 4832 HomeGroupProvider - ok
17:13:16.0909 4832 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:13:16.0909 4832 HpSAMD - ok
17:13:16.0924 4832 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:13:16.0927 4832 HTTP - ok
17:13:16.0939 4832 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:13:16.0940 4832 hwpolicy - ok
17:13:16.0948 4832 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:13:16.0949 4832 i8042prt - ok
17:13:16.0974 4832 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:13:16.0976 4832 Suspicious file (Forged): C:\Windows\system32\DRIVERS\iaStor.sys. Real md5: 26CF4275034214ECEDD8EC17B0A18A99, Fake md5: D08C2FDE804FE39B3842DB7E70DEBE3A
17:13:16.0976 4832 iaStor ( ForgedFile.Multi.Generic ) - warning
17:13:16.0976 4832 iaStor - detected ForgedFile.Multi.Generic (1)
17:13:16.0986 4832 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:13:16.0987 4832 iaStorV - ok
17:13:17.0019 4832 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:13:17.0022 4832 idsvc - ok
17:13:17.0031 4832 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:13:17.0031 4832 iirsp - ok
17:13:17.0056 4832 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:13:17.0059 4832 IKEEXT - ok
17:13:17.0126 4832 [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:13:17.0142 4832 IntcAzAudAddService - ok
17:13:17.0145 4832 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:13:17.0145 4832 intelide - ok
17:13:17.0154 4832 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:13:17.0155 4832 intelppm - ok
17:13:17.0159 4832 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:13:17.0160 4832 IPBusEnum - ok
17:13:17.0170 4832 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:13:17.0171 4832 IpFilterDriver - ok
17:13:17.0186 4832 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:13:17.0188 4832 iphlpsvc - ok
17:13:17.0197 4832 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:13:17.0197 4832 IPMIDRV - ok
17:13:17.0222 4832 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:13:17.0223 4832 IPNAT - ok
17:13:17.0225 4832 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:13:17.0225 4832 IRENUM - ok
17:13:17.0235 4832 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:13:17.0235 4832 isapnp - ok
17:13:17.0258 4832 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:13:17.0259 4832 iScsiPrt - ok
17:13:17.0270 4832 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:13:17.0271 4832 kbdclass - ok
17:13:17.0274 4832 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:13:17.0275 4832 kbdhid - ok
17:13:17.0285 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
17:13:17.0286 4832 KeyIso - ok
17:13:17.0288 4832 KMService - ok
17:13:17.0298 4832 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:13:17.0298 4832 KSecDD - ok
17:13:17.0322 4832 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:13:17.0322 4832 KSecPkg - ok
17:13:17.0331 4832 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:13:17.0331 4832 ksthunk - ok
17:13:17.0356 4832 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:13:17.0358 4832 KtmRm - ok
17:13:17.0381 4832 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:13:17.0383 4832 LanmanServer - ok
17:13:17.0411 4832 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:13:17.0412 4832 LanmanWorkstation - ok
17:13:17.0425 4832 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:13:17.0426 4832 lltdio - ok
17:13:17.0436 4832 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:13:17.0438 4832 lltdsvc - ok
17:13:17.0447 4832 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:13:17.0448 4832 lmhosts - ok
17:13:17.0460 4832 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:13:17.0461 4832 LSI_FC - ok
17:13:17.0468 4832 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:13:17.0469 4832 LSI_SAS - ok
17:13:17.0474 4832 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:13:17.0474 4832 LSI_SAS2 - ok
17:13:17.0487 4832 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:13:17.0488 4832 LSI_SCSI - ok
17:13:17.0498 4832 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:13:17.0499 4832 luafv - ok
17:13:17.0516 4832 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:13:17.0517 4832 LVPr2M64 - ok
17:13:17.0518 4832 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
17:13:17.0518 4832 LVPr2Mon - ok
17:13:17.0554 4832 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
17:13:17.0555 4832 LVPrcS64 - ok
17:13:17.0579 4832 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:13:17.0580 4832 Mcx2Svc - ok
17:13:17.0592 4832 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:13:17.0592 4832 megasas - ok
17:13:17.0606 4832 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:13:17.0607 4832 MegaSR - ok
17:13:17.0627 4832 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:13:17.0627 4832 MEIx64 - ok
17:13:17.0668 4832 Microsoft SharePoint Workspace Audit Service - ok
17:13:17.0689 4832 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:13:17.0691 4832 MMCSS - ok
17:13:17.0706 4832 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:13:17.0707 4832 Modem - ok
17:13:17.0719 4832 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:13:17.0719 4832 monitor - ok
17:13:17.0724 4832 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:13:17.0724 4832 mouclass - ok
17:13:17.0730 4832 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:13:17.0730 4832 mouhid - ok
17:13:17.0741 4832 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:13:17.0741 4832 mountmgr - ok
17:13:17.0748 4832 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:13:17.0749 4832 MozillaMaintenance - ok
17:13:17.0772 4832 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:13:17.0773 4832 mpio - ok
17:13:17.0784 4832 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:13:17.0784 4832 mpsdrv - ok
17:13:17.0805 4832 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:13:17.0808 4832 MpsSvc - ok
17:13:17.0820 4832 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:13:17.0821 4832 MRxDAV - ok
17:13:17.0844 4832 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:13:17.0845 4832 mrxsmb - ok
17:13:17.0860 4832 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

psouk300 · Příspěvekod **psouk300** » 01 říj 2012 17:50

TDSSkiller 3.část
17:13:17.0863 4832 mrxsmb10 - ok
17:13:17.0868 4832 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:13:17.0870 4832 mrxsmb20 - ok
17:13:17.0880 4832 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:13:17.0881 4832 msahci - ok
17:13:17.0889 4832 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:13:17.0890 4832 msdsm - ok
17:13:17.0913 4832 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:13:17.0914 4832 MSDTC - ok
17:13:17.0929 4832 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:13:17.0929 4832 Msfs - ok
17:13:17.0939 4832 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:13:17.0939 4832 mshidkmdf - ok
17:13:17.0951 4832 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:13:17.0951 4832 msisadrv - ok
17:13:17.0961 4832 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:13:17.0962 4832 MSiSCSI - ok
17:13:17.0964 4832 msiserver - ok
17:13:17.0983 4832 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:13:17.0984 4832 MSKSSRV - ok
17:13:17.0995 4832 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:13:17.0996 4832 MSPCLOCK - ok
17:13:18.0012 4832 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:13:18.0013 4832 MSPQM - ok
17:13:18.0027 4832 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:13:18.0028 4832 MsRPC - ok
17:13:18.0034 4832 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:13:18.0035 4832 mssmbios - ok
17:13:18.0043 4832 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:13:18.0044 4832 MSTEE - ok
17:13:18.0056 4832 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:13:18.0057 4832 MTConfig - ok
17:13:18.0064 4832 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:13:18.0065 4832 Mup - ok
17:13:18.0089 4832 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:13:18.0091 4832 napagent - ok
17:13:18.0104 4832 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:13:18.0106 4832 NativeWifiP - ok
17:13:18.0188 4832 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
17:13:18.0191 4832 NBService - ok
17:13:18.0213 4832 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:13:18.0216 4832 NDIS - ok
17:13:18.0230 4832 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:13:18.0231 4832 NdisCap - ok
17:13:18.0242 4832 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:13:18.0243 4832 NdisTapi - ok
17:13:18.0256 4832 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:13:18.0257 4832 Ndisuio - ok
17:13:18.0269 4832 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:13:18.0270 4832 NdisWan - ok
17:13:18.0280 4832 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:13:18.0281 4832 NDProxy - ok
17:13:18.0289 4832 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:13:18.0289 4832 NetBIOS - ok
17:13:18.0293 4832 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:13:18.0294 4832 NetBT - ok
17:13:18.0302 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
17:13:18.0302 4832 Netlogon - ok
17:13:18.0322 4832 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:13:18.0324 4832 Netman - ok
17:13:18.0339 4832 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:13:18.0341 4832 netprofm - ok
17:13:18.0368 4832 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:18.0370 4832 NetTcpPortSharing - ok
17:13:18.0378 4832 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:13:18.0379 4832 nfrd960 - ok
17:13:18.0398 4832 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:13:18.0400 4832 NlaSvc - ok
17:13:18.0458 4832 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
17:13:18.0461 4832 NMIndexingService - ok
17:13:18.0465 4832 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:13:18.0466 4832 Npfs - ok
17:13:18.0470 4832 npggsvc - ok
17:13:18.0475 4832 NPPTNT2 - ok
17:13:18.0514 4832 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:13:18.0515 4832 nsi - ok
17:13:18.0517 4832 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:13:18.0517 4832 nsiproxy - ok
17:13:18.0560 4832 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:13:18.0565 4832 Ntfs - ok
17:13:18.0568 4832 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:13:18.0568 4832 Null - ok
17:13:18.0581 4832 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:13:18.0581 4832 NVHDA - ok
17:13:18.0754 4832 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:13:18.0796 4832 nvlddmkm - ok
17:13:18.0843 4832 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:13:18.0844 4832 nvraid - ok
17:13:18.0854 4832 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:13:18.0855 4832 nvstor - ok
17:13:18.0884 4832 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
17:13:18.0892 4832 NVSvc - ok
17:13:18.0954 4832 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:13:18.0961 4832 nvUpdatusService - ok
17:13:18.0971 4832 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:13:18.0972 4832 nv_agp - ok
17:13:18.0984 4832 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:13:18.0985 4832 ohci1394 - ok
17:13:19.0038 4832 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:19.0039 4832 ose - ok
17:13:19.0126 4832 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:13:19.0186 4832 osppsvc - ok
17:13:19.0224 4832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:13:19.0228 4832 p2pimsvc - ok
17:13:19.0253 4832 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:13:19.0258 4832 p2psvc - ok
17:13:19.0270 4832 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:13:19.0273 4832 Parport - ok
17:13:19.0285 4832 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:13:19.0287 4832 partmgr - ok
17:13:19.0301 4832 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:13:19.0303 4832 PcaSvc - ok
17:13:19.0314 4832 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:13:19.0315 4832 pci - ok
17:13:19.0317 4832 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:13:19.0318 4832 pciide - ok
17:13:19.0328 4832 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:13:19.0330 4832 pcmcia - ok
17:13:19.0332 4832 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:13:19.0333 4832 pcw - ok
17:13:19.0346 4832 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:13:19.0351 4832 PEAUTH - ok
17:13:19.0430 4832 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:13:19.0432 4832 PerfHost - ok
17:13:19.0473 4832 [ B47DEE29B5E6E1939567A926C7A3E6A4 ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
17:13:19.0487 4832 PID_0928 - ok
17:13:19.0509 4832 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:13:19.0520 4832 pla - ok
17:13:19.0544 4832 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:13:19.0548 4832 PlugPlay - ok
17:13:19.0562 4832 PnkBstrA - ok
17:13:19.0570 4832 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:13:19.0571 4832 PNRPAutoReg - ok
17:13:19.0575 4832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:13:19.0577 4832 PNRPsvc - ok
17:13:19.0609 4832 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:13:19.0613 4832 PolicyAgent - ok
17:13:19.0641 4832 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:13:19.0643 4832 Power - ok
17:13:19.0667 4832 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:13:19.0670 4832 PptpMiniport - ok
17:13:19.0683 4832 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:13:19.0685 4832 Processor - ok
17:13:19.0701 4832 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
17:13:19.0706 4832 ProfSvc - ok
17:13:19.0718 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
17:13:19.0719 4832 ProtectedStorage - ok
17:13:19.0723 4832 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:13:19.0724 4832 Psched - ok
17:13:19.0752 4832 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:13:19.0763 4832 ql2300 - ok
17:13:19.0785 4832 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:13:19.0787 4832 ql40xx - ok
17:13:19.0813 4832 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:13:19.0816 4832 QWAVE - ok
17:13:19.0828 4832 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:13:19.0829 4832 QWAVEdrv - ok
17:13:19.0835 4832 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:13:19.0836 4832 RasAcd - ok
17:13:19.0846 4832 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:13:19.0848 4832 RasAgileVpn - ok
17:13:19.0857 4832 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:13:19.0859 4832 RasAuto - ok
17:13:19.0862 4832 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:13:19.0863 4832 Rasl2tp - ok
17:13:19.0884 4832 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:13:19.0888 4832 RasMan - ok
17:13:19.0891 4832 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:13:19.0892 4832 RasPppoe - ok
17:13:19.0904 4832 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:13:19.0906 4832 RasSstp - ok
17:13:19.0919 4832 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:13:19.0922 4832 rdbss - ok
17:13:19.0934 4832 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:13:19.0935 4832 rdpbus - ok
17:13:19.0947 4832 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:13:19.0947 4832 RDPCDD - ok
17:13:19.0951 4832 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:13:19.0951 4832 RDPENCDD - ok
17:13:19.0962 4832 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:13:19.0963 4832 RDPREFMP - ok
17:13:19.0980 4832 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:13:19.0982 4832 RDPWD - ok
17:13:19.0999 4832 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:13:20.0001 4832 rdyboost - ok
17:13:20.0026 4832 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:13:20.0028 4832 RemoteAccess - ok
17:13:20.0041 4832 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:13:20.0043 4832 RemoteRegistry - ok
17:13:20.0065 4832 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:13:20.0067 4832 RpcEptMapper - ok
17:13:20.0088 4832 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:13:20.0090 4832 RpcLocator - ok
17:13:20.0105 4832 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:13:20.0110 4832 RpcSs - ok
17:13:20.0116 4832 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:13:20.0117 4832 rspndr - ok
17:13:20.0153 4832 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:13:20.0158 4832 RTL8167 - ok
17:13:20.0160 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
17:13:20.0161 4832 SamSs - ok
17:13:20.0223 4832 [ 328100AF2EFD951EAB657384EC361B6F ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
17:13:20.0224 4832 SamsungAllShareV2.0 - ok
17:13:20.0238 4832 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:13:20.0240 4832 sbp2port - ok
17:13:20.0243 4832 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:13:20.0246 4832 SCardSvr - ok
17:13:20.0283 4832 [ 07237C66E05DA6778E9F3CB67FA00736 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:13:20.0285 4832 SCDEmu - ok
17:13:20.0297 4832 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:13:20.0298 4832 scfilter - ok
17:13:20.0332 4832 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:13:20.0341 4832 Schedule - ok
17:13:20.0362 4832 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:13:20.0363 4832 SCPolicySvc - ok
17:13:20.0385 4832 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:13:20.0387 4832 SDRSVC - ok
17:13:20.0425 4832 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:13:20.0428 4832 SeaPort - ok
17:13:20.0437 4832 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:13:20.0439 4832 secdrv - ok
17:13:20.0449 4832 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:13:20.0451 4832 seclogon - ok
17:13:20.0454 4832 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:13:20.0456 4832 SENS - ok
17:13:20.0460 4832 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:13:20.0461 4832 SensrSvc - ok
17:13:20.0477 4832 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:13:20.0478 4832 Serenum - ok
17:13:20.0487 4832 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:13:20.0488 4832 Serial - ok
17:13:20.0493 4832 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:13:20.0494 4832 sermouse - ok
17:13:20.0509 4832 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:13:20.0511 4832 SessionEnv - ok
17:13:20.0521 4832 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:13:20.0523 4832 sffdisk - ok
17:13:20.0533 4832 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:13:20.0534 4832 sffp_mmc - ok
17:13:20.0537 4832 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:13:20.0537 4832 sffp_sd - ok
17:13:20.0543 4832 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:13:20.0545 4832 sfloppy - ok
17:13:20.0570 4832 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:13:20.0573 4832 SharedAccess - ok
17:13:20.0597 4832 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:13:20.0601 4832 ShellHWDetection - ok
17:13:20.0606 4832 [ 1980FE1F5A32067DAD1D8776B63C2669 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
17:13:20.0607 4832 SimpleSlideShowServer - ok
17:13:20.0624 4832 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:13:20.0625 4832 SiSRaid2 - ok
17:13:20.0635 4832 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:13:20.0636 4832 SiSRaid4 - ok
17:13:20.0692 4832 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:13:20.0693 4832 SkypeUpdate - ok
17:13:20.0709 4832 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:13:20.0711 4832 Smb - ok
17:13:20.0721 4832 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:13:20.0722 4832 SNMPTRAP - ok
17:13:20.0732 4832 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:13:20.0732 4832 spldr - ok
17:13:20.0757 4832 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
17:13:20.0762 4832 Spooler - ok
17:13:20.0810 4832 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:13:20.0885 4832 sppsvc - ok
17:13:20.0915 4832 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:13:20.0924 4832 sppuinotify - ok
17:13:21.0004 4832 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:13:21.0026 4832 srv - ok
17:13:21.0053 4832 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:13:21.0057 4832 srv2 - ok
17:13:21.0081 4832 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:13:21.0083 4832 srvnet - ok
17:13:21.0123 4832 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
17:13:21.0125 4832 ssadbus - ok
17:13:21.0137 4832 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:13:21.0137 4832 ssadmdfl - ok
17:13:21.0152 4832 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
17:13:21.0154 4832 ssadmdm - ok
17:13:21.0168 4832 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
17:13:21.0169 4832 ssadserd - ok
17:13:21.0209 4832 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
17:13:21.0212 4832 sscdbus - ok
17:13:21.0226 4832 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:13:21.0228 4832 sscdmdfl - ok
17:13:21.0241 4832 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
17:13:21.0245 4832 sscdmdm - ok
17:13:21.0259 4832 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:13:21.0262 4832 SSDPSRV - ok
17:13:21.0283 4832 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:13:21.0285 4832 SstpSvc - ok
17:13:21.0306 4832 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:13:21.0308 4832 ssudmdm - ok
17:13:21.0330 4832 [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
17:13:21.0332 4832 ss_bbus - ok
17:13:21.0371 4832 [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
17:13:21.0372 4832 ss_bmdfl - ok
17:13:21.0396 4832 [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
17:13:21.0398 4832 ss_bmdm - ok
17:13:21.0418 4832 [ 677CDC98F8363ACCAAE783FDE1599C2A ] ss_bserd C:\Windows\system32\DRIVERS\ss_bserd.sys
17:13:21.0419 4832 ss_bserd - ok
17:13:21.0452 4832 Steam Client Service - ok
17:13:21.0488 4832 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:13:21.0490 4832 Stereo Service - ok
17:13:21.0492 4832 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:13:21.0494 4832 stexstor - ok
17:13:21.0534 4832 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:13:21.0543 4832 stisvc - ok
17:13:21.0550 4832 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:13:21.0551 4832 swenum - ok
17:13:21.0571 4832 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:13:21.0578 4832 swprv - ok
17:13:21.0605 4832 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:13:21.0624 4832 SysMain - ok
17:13:21.0644 4832 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:13:21.0646 4832 TabletInputService - ok
17:13:21.0657 4832 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:13:21.0661 4832 TapiSrv - ok
17:13:21.0667 4832 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:13:21.0668 4832 TBS - ok
17:13:21.0726 4832 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:13:21.0745 4832 Tcpip - ok
17:13:21.0762 4832 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:13:21.0768 4832 TCPIP6 - ok
17:13:21.0792 4832 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:13:21.0793 4832 tcpipreg - ok
17:13:21.0804 4832 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:13:21.0805 4832 TDPIPE - ok
17:13:21.0821 4832 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:13:21.0822 4832 TDTCP - ok
17:13:21.0837 4832 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:13:21.0839 4832 tdx - ok
17:13:21.0901 4832 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
17:13:21.0930 4832 TeamViewer7 - ok
17:13:21.0951 4832 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:13:21.0952 4832 TermDD - ok
17:13:21.0969 4832 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:13:21.0975 4832 TermService - ok
17:13:21.0983 4832 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:13:21.0984 4832 Themes - ok
17:13:22.0057 4832 [ 094185B8A19BE479707AF61FF3FA31EE ] ThinVNCService C:\Program Files (x86)\ThinVNC\ThinVnc.exe
17:13:22.0120 4832 ThinVNCService - ok
17:13:22.0146 4832 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:13:22.0147 4832 THREADORDER - ok
17:13:22.0159 4832 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:13:22.0161 4832 TrkWks - ok
17:13:22.0207 4832 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:13:22.0209 4832 TrustedInstaller - ok
17:13:22.0218 4832 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:13:22.0219 4832 tssecsrv - ok
17:13:22.0243 4832 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:13:22.0244 4832 tunnel - ok
17:13:22.0258 4832 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:13:22.0259 4832 uagp35 - ok
17:13:22.0271 4832 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:13:22.0275 4832 udfs - ok
17:13:22.0298 4832 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:13:22.0299 4832 UI0Detect - ok
17:13:22.0317 4832 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:13:22.0318 4832 uliagpkx - ok
17:13:22.0324 4832 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:13:22.0325 4832 umbus - ok
17:13:22.0338 4832 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:13:22.0339 4832 UmPass - ok
17:13:22.0350 4832 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:13:22.0354 4832 upnphost - ok
17:13:22.0380 4832 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:13:22.0382 4832 usbccgp - ok
17:13:22.0398 4832 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:13:22.0399 4832 usbcir - ok
17:13:22.0409 4832 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:13:22.0410 4832 usbehci - ok
17:13:22.0424 4832 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:13:22.0427 4832 usbhub - ok
17:13:22.0449 4832 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:13:22.0450 4832 usbohci - ok
17:13:22.0467 4832 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:13:22.0468 4832 usbprint - ok
17:13:22.0492 4832 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:13:22.0493 4832 USBSTOR - ok
17:13:22.0506 4832 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:13:22.0507 4832 usbuhci - ok
17:13:22.0529 4832 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:13:22.0532 4832 UxSms - ok
17:13:22.0543 4832 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
17:13:22.0544 4832 VaultSvc - ok
17:13:22.0552 4832 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:13:22.0553 4832 vdrvroot - ok
17:13:22.0576 4832 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:13:22.0581 4832 vds - ok
17:13:22.0588 4832 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:13:22.0589 4832 vga - ok
17:13:22.0599 4832 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:13:22.0600 4832 VgaSave - ok
17:13:22.0610 4832 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:13:22.0612 4832 vhdmp - ok
17:13:22.0625 4832 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:13:22.0626 4832 viaide - ok
17:13:22.0633 4832 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:13:22.0634 4832 volmgr - ok
17:13:22.0664 4832 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:13:22.0669 4832 volmgrx - ok
17:13:22.0701 4832 [ C9D0EAF58D6BA71E128E715EA43AD87D ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:13:22.0710 4832 volsnap - ok
17:13:22.0731 4832 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:13:22.0742 4832 vsmraid - ok
17:13:22.0766 4832 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:13:22.0784 4832 VSS - ok
17:13:22.0842 4832 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
17:13:22.0850 4832 vToolbarUpdater12.2.6 - ok
17:13:22.0863 4832 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:13:22.0865 4832 vwifibus - ok
17:13:22.0881 4832 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:13:22.0885 4832 W32Time - ok
17:13:22.0898 4832 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:13:22.0899 4832 WacomPen - ok
17:13:22.0906 4832 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:13:22.0907 4832 WANARP - ok
17:13:22.0910 4832 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:13:22.0910 4832 Wanarpv6 - ok
17:13:22.0967 4832 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:13:22.0988 4832 WatAdminSvc - ok
17:13:23.0035 4832 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:13:23.0046 4832 wbengine - ok
17:13:23.0053 4832 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:13:23.0056 4832 WbioSrvc - ok
17:13:23.0096 4832 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:13:23.0099 4832 wcncsvc - ok
17:13:23.0107 4832 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:13:23.0109 4832 WcsPlugInService - ok
17:13:23.0121 4832 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:13:23.0122 4832 Wd - ok
17:13:23.0141 4832 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:13:23.0146 4832 Wdf01000 - ok
17:13:23.0153 4832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:13:23.0154 4832 WdiServiceHost - ok
17:13:23.0156 4832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:13:23.0157 4832 WdiSystemHost - ok
17:13:23.0178 4832 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
17:13:23.0181 4832 WebClient - ok
17:13:23.0192 4832 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:13:23.0195 4832 Wecsvc - ok
17:13:23.0205 4832 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:13:23.0207 4832 wercplsupport - ok
17:13:23.0218 4832 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:13:23.0220 4832 WerSvc - ok
17:13:23.0227 4832 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:13:23.0228 4832 WfpLwf - ok
17:13:23.0237 4832 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:13:23.0238 4832 WIMMount - ok
17:13:23.0257 4832 WinDefend - ok
17:13:23.0259 4832 WinHttpAutoProxySvc - ok
17:13:23.0313 4832 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:13:23.0317 4832 Winmgmt - ok
17:13:23.0372 4832 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:13:23.0406 4832 WinRM - ok
17:13:23.0445 4832 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:13:23.0446 4832 WinUsb - ok
17:13:23.0476 4832 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:13:23.0488 4832 Wlansvc - ok
17:13:23.0504 4832 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:13:23.0504 4832 WmiAcpi - ok
17:13:23.0525 4832 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:13:23.0527 4832 wmiApSrv - ok
17:13:23.0537 4832 WMPNetworkSvc - ok
17:13:23.0543 4832 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:13:23.0546 4832 WPCSvc - ok
17:13:23.0557 4832 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:13:23.0559 4832 WPDBusEnum - ok
17:13:23.0568 4832 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:13:23.0569 4832 ws2ifsl - ok
17:13:23.0585 4832 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
17:13:23.0587 4832 wscsvc - ok
17:13:23.0589 4832 WSearch - ok
17:13:23.0637 4832 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll
17:13:23.0668 4832 wuauserv - ok
17:13:23.0679 4832 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:13:23.0680 4832 WudfPf - ok
17:13:23.0701 4832 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:13:23.0703 4832 WUDFRd - ok
17:13:23.0708 4832 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:13:23.0710 4832 wudfsvc - ok
17:13:23.0722 4832 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:13:23.0725 4832 WwanSvc - ok
17:13:23.0737 4832 ================ Scan global ===============================
17:13:23.0767 4832 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:13:23.0788 4832 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:13:23.0794 4832 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:13:23.0821 4832 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:13:23.0835 4832 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:13:23.0839 4832 [Global] - ok
17:13:23.0839 4832 ================ Scan MBR ==================================
17:13:23.0843 4832 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:13:23.0988 4832 \Device\Harddisk0\DR0 - ok
17:13:23.0989 4832 ================ Scan VBR ==================================
17:13:23.0992 4832 [ ECD9D6BC72E3F9126A50C511536359E8 ] \Device\Harddisk0\DR0\Partition1
17:13:23.0993 4832 \Device\Harddisk0\DR0\Partition1 - ok
17:13:24.0012 4832 [ 15882F5DE310DFA6E45640423B8F8FF2 ] \Device\Harddisk0\DR0\Partition2
17:13:24.0014 4832 \Device\Harddisk0\DR0\Partition2 - ok
17:13:24.0014 4832 ============================================================
17:13:24.0014 4832 Scan finished
17:13:24.0014 4832 ============================================================
17:13:24.0025 6068 Detected object count: 1
17:13:24.0025 6068 Actual detected object count: 1
17:13:28.0631 6068 iaStor ( ForgedFile.Multi.Generic ) - skipped by user
17:13:28.0631 6068 iaStor ( ForgedFile.Multi.Generic ) - User select action: Skip
17:13:32.0705 5332 Deinitialize success

Díky

Příspěvekod **Žbeky** » 01 říj 2012 19:01

Toto otestuj na Virustotal
C:\Windows\system32\DRIVERS\iaStor.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

psouk300 · Příspěvekod **psouk300** » 03 říj 2012 14:56

Soubor v PC nemám.

Příspěvekod **memphisto** » 03 říj 2012 17:21

Nech si zobrazit skryté soubory

psouk300 · Příspěvekod **psouk300** » 04 říj 2012 11:40

https://www.virustotal.com/file/761881d ... 349342442/ dík

Příspěvekod **Žbeky** » 04 říj 2012 19:18

Ty .htm a html koncovky máš přenastavené naschvál?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\program files (x86)\SweetIM\Toolbars
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Microsoft\BingBar

File::
c:\windows\system32\GameMon.des
c:\windows\system32\srvany.exe

RegLock::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ROC_roc_dec12"=-
"ROC_ROC_JULY_P1"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

Driver::
SkypeUpdate
BBSvc
npggsvc
KMService

DDS::
uLocal Page = c:\windows\SYSTEM32\blank.htm
mStart Page = hxxp://home.sweetim.com/?st=1&crg=3.101 ... 005&barid={32086A84-000E-11E2-A7B6-F46D046607A3}

Firefox::
FF - ProfilePath - c:\users\Pšouk\AppData\Roaming\Mozilla\Firefox\Profiles\rr5qrj7z.default\
FF - prefs.js: browser.startup.homepage - hxxp://isearch.claro-search.com/?affID= ... 6d046607a3
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =616163&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.claro.id - 6cb379e0000000000000f46d046607a3
FF - user.js: extensions.claro.instlDay - 15574
FF - user.js: extensions.claro.vrsn - 1.6.4.1
FF - user.js: extensions.claro.vrsni - 1.6.4.1
FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.122:23
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - iclaro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

HJT kontrola - zpomalený PC

HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Re: HJT kontrola - zpomalený PC

Kdo je online