You're right, the bootkit remover folder contains the file boot cleaner.exe.
You have to take that file out of the folder and put it on the desktop.
Also:
Disable the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Please check my log, pls .. thank you + Solved
- jaro3
- Security team member
Re: Please check my log, pls .. thank you
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, pls .. thank you
ComboFix 13-02-26.01 - pokus 27.02.2013 10:13:20.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.666 [GMT 1:00]
Spuštěný z: c:\documents and settings\pokus\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-27 do 2013-02-27 )))))))))))))))))))))))))))))))
.
.
2013-02-22 10:12 . 2013-02-22 10:19 -------- d-----w- c:\program files\CrystalDiskInfo
2013-02-21 09:40 . 2013-02-21 09:40 -------- d-----w- c:\program files\Common Files\Skype
2013-02-18 13:09 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-02-17 00:47 . 2013-02-19 06:38 -------- d-----w- c:\program files\Railroad Tycoon 3 Demo
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-12 14:54 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-12 13:35 . 2013-02-12 13:35 50688 ----a-w- c:\program files\ATF-Cleaner.exe
2013-02-11 19:08 . 2013-02-11 19:08 388096 ----a-r- c:\documents and settings\pokus\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-11 19:08 . 2013-02-11 19:08 -------- d-----w- c:\program files\Trend Micro
2013-02-11 16:58 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-11 16:58 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-11 16:58 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-11 16:58 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-11 16:58 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-11 16:58 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-02-11 16:58 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-02-11 16:58 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-02-11 16:57 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-11 16:57 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\program files\AVAST Software
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-02-11 12:09 . 2001-10-25 14:00 138752 -c--a-w- c:\windows\system32\dllcache\sndvol32.exe
2013-02-11 12:09 . 2001-10-25 14:00 138752 ----a-w- c:\windows\system32\sndvol32.exe
2013-02-10 08:31 . 2008-02-18 16:14 106624 ----a-w- c:\windows\system32\drivers\Gt51Ip.sys
2013-02-10 08:31 . 2008-02-08 12:00 59648 ----a-w- c:\windows\system32\drivers\gt72ubus.sys
2013-02-10 08:31 . 2007-03-30 12:38 8064 ----a-w- c:\windows\system32\drivers\gtptser.sys
2013-02-10 08:31 . 2013-02-10 08:31 -------- d-----w- c:\program files\Option
2013-02-10 08:30 . 2013-02-10 08:30 -------- d-----w- c:\program files\Emotum
2013-02-09 17:10 . 2013-02-10 08:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Emotum
2013-01-31 09:42 . 2013-01-31 09:42 5999736 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-01-29 12:19 . 1997-05-29 15:31 314880 ----a-w- c:\windows\IsUn041d.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:24 . 2012-04-18 04:45 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-26 21:24 . 2012-02-07 09:41 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2011-11-20 16:54 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-11-29 17:37 . 2012-11-29 17:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-29 17:37 . 2008-11-18 15:07 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-29 17:37 . 2012-11-29 17:38 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-29 17:37 . 2012-11-29 17:38 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-09-12 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
.
[-] 2008-09-30 . 07DE423FB70EBAC5136677E3956FDBC3 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\sfcfiles.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-12-23 26624]
"Emotum Mobile Broadband"="c:\program files\Emotum\Mobile Broadband\Mobile.exe" [2009-05-14 348968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-30 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-30 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-30 138008]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-30 102400]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pokus^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\pokus\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 10:25 208896 -c--a-w- c:\program files\Acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 -c--a-w- c:\program files\Acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 -c--a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 10:44 475136 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 09:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitLord_1.01.ex\\BitLord.exe"=
"c:\\Documents and Settings\\pokus\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2013 17:58 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2013 17:58 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2013 17:58 21256]
R2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GtDetectSc.exe [18.12.2007 12:48 196704]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [10.2.2013 9:31 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [10.2.2013 9:31 59648]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12.2.2013 15:54 682344]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.4.2011 10:03 16896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12.2.2013 15:54 21104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.11.2008 5:48 717296]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 21:24]
.
2013-02-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-11 22:50]
.
2013-02-27 c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 195.54.122.221 195.54.122.211
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-WEBTRAN - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-27 10:18
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1008)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1064)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(1396)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\TrnOEH.dll
c:\program files\Acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-02-27 10:21:40
ComboFix-quarantined-files.txt 2013-02-27 09:21
.
Před spuštěním: 9 391 296 512
Po spuštění: 9 408 237 568
.
- - End Of File - - 9B066FF7CB3AEF6AB3194C060C591BB4
Re: Please check my log, pls .. thank you
I fixed this in HJT
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
Should I download that MBRCheck.exe???
- memphisto
Re: Please check my log, pls .. thank you
Test this on VirusTotal
c:\windows\IsUn041d.exe
Click "Choose" to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click "Open", then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, "result" will appear at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Do you have that remote access there on purpose? If not, also add this to the ComboFix script:
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"=-
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to mark the script
KillAll::
Driver::
SkypeUpdate
Folder::
c:\program files\Skype\Updater
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: please check my log, pls .. thanks
https://www.virustotal.com/cs/file/be7c ... 361960961/
ComboFix 13-02-26.01 - pokus 27.02.2013 11:38:48.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.638 [GMT 1:00]
Spuštěný z: c:\documents and settings\pokus\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pokus\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-27 do 2013-02-27 )))))))))))))))))))))))))))))))
.
.
2013-02-22 10:12 . 2013-02-22 10:19 -------- d-----w- c:\program files\CrystalDiskInfo
2013-02-21 09:40 . 2013-02-21 09:40 -------- d-----w- c:\program files\Common Files\Skype
2013-02-18 13:09 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-02-17 00:47 . 2013-02-19 06:38 -------- d-----w- c:\program files\Railroad Tycoon 3 Demo
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-12 14:54 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-12 13:35 . 2013-02-12 13:35 50688 ----a-w- c:\program files\ATF-Cleaner.exe
2013-02-11 19:08 . 2013-02-11 19:08 388096 ----a-r- c:\documents and settings\pokus\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-11 19:08 . 2013-02-11 19:08 -------- d-----w- c:\program files\Trend Micro
2013-02-11 16:58 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-11 16:58 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-11 16:58 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-11 16:58 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-11 16:58 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-11 16:58 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-02-11 16:58 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-02-11 16:58 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-02-11 16:57 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-11 16:57 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\program files\AVAST Software
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-02-11 12:09 . 2001-10-25 14:00 138752 -c--a-w- c:\windows\system32\dllcache\sndvol32.exe
2013-02-11 12:09 . 2001-10-25 14:00 138752 ----a-w- c:\windows\system32\sndvol32.exe
2013-02-10 08:31 . 2008-02-18 16:14 106624 ----a-w- c:\windows\system32\drivers\Gt51Ip.sys
2013-02-10 08:31 . 2008-02-08 12:00 59648 ----a-w- c:\windows\system32\drivers\gt72ubus.sys
2013-02-10 08:31 . 2007-03-30 12:38 8064 ----a-w- c:\windows\system32\drivers\gtptser.sys
2013-02-10 08:31 . 2013-02-10 08:31 -------- d-----w- c:\program files\Option
2013-02-10 08:30 . 2013-02-10 08:30 -------- d-----w- c:\program files\Emotum
2013-02-09 17:10 . 2013-02-10 08:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Emotum
2013-01-31 09:42 . 2013-01-31 09:42 5999736 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-01-29 12:19 . 1997-05-29 15:31 314880 ----a-w- c:\windows\IsUn041d.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:24 . 2012-04-18 04:45 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-26 21:24 . 2012-02-07 09:41 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2011-11-20 16:54 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-11-29 17:37 . 2012-11-29 17:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-29 17:37 . 2008-11-18 15:07 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-29 17:37 . 2012-11-29 17:38 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-29 17:37 . 2012-11-29 17:38 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-09-12 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
.
[-] 2008-09-30 . 07DE423FB70EBAC5136677E3956FDBC3 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\sfcfiles.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-12-23 26624]
"Emotum Mobile Broadband"="c:\program files\Emotum\Mobile Broadband\Mobile.exe" [2009-05-14 348968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-30 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-30 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-30 138008]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-30 102400]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pokus^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\pokus\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 10:25 208896 -c--a-w- c:\program files\Acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 -c--a-w- c:\program files\Acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 -c--a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 10:44 475136 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 09:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitLord_1.01.ex\\BitLord.exe"=
"c:\\Documents and Settings\\pokus\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2013 17:58 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2013 17:58 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2013 17:58 21256]
R2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GtDetectSc.exe [18.12.2007 12:48 196704]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12.2.2013 15:54 682344]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38 3289208]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [10.2.2013 9:31 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [10.2.2013 9:31 59648]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12.2.2013 15:54 21104]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.4.2011 10:03 16896]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.11.2008 5:48 717296]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 21:24]
.
2013-02-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-11 22:50]
.
2013-02-27 c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 195.54.122.221 195.54.122.211
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-27 11:48
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1024)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1080)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(128)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\TrnOEH.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wscntfy.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2013-02-27 11:52:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-27 10:52
ComboFix2.txt 2013-02-27 09:21
.
Před spuštěním: 9 421 615 104
Po spuštění: 9 326 718 976
.
- - End Of File - - 1866A91E67ECF38BE5979ABBEE7476F8
- jaro3
- Security team member
Re: please check my log, pls .. thanks
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Post a new HJT log + info about the problems.
Re: please check my log, pls .. thanks
-Just a while ago my browser was freezing, I couldn't start it at all, warning windows kept popping up saying it was not responding and asking whether I wanted to wait or end it, but after these last two operations the browser recovered,... so it probably helped..
we'll see
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-27 21:08:42
-----------------------------
21:08:42.546 OS Version: Windows 5.1.2600 Service Pack 2
21:08:42.546 Number of processors: 1 586 0x1601
21:08:42.546 ComputerName: APOLLO-NOTE UserName: pokus
21:08:50.343 Initialize success
21:08:52.765 AVAST engine defs: 13022700
21:09:09.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
21:09:09.890 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
21:09:09.921 Disk 0 MBR read successfully
21:09:09.921 Disk 0 MBR scan
21:09:09.921 Disk 0 Windows XP default MBR code
21:09:09.921 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
21:09:09.984 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
21:09:10.015 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
21:09:10.031 Disk 0 scanning sectors +156296385
21:09:10.125 Disk 0 scanning C:\WINDOWS\system32\drivers
21:09:24.671 Service scanning
21:09:45.312 Modules scanning
21:10:00.468 Disk 0 trace - called modules:
21:10:00.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:10:00.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87374ab8]
21:10:00.984 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\00000091[0x873831a8]
21:10:01.000 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x87336d98]
21:10:01.203 AVAST engine scan C:\WINDOWS
21:10:09.875 AVAST engine scan C:\WINDOWS\system32
21:12:21.906 AVAST engine scan C:\WINDOWS\system32\drivers
21:12:34.234 AVAST engine scan C:\Documents and Settings\pokus
21:15:26.609 AVAST engine scan C:\Documents and Settings\All Users
21:15:27.968 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
21:15:28.031 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
21:16:13.015 Scan finished successfully
21:16:40.015 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
21:16:40.015 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:47, on 27.2.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [Emotum Mobile Broadband] C:\Program Files\Emotum\Mobile Broadband\Mobile.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: eLock Service (eLockService) - - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
--
End of file - 10313 bytes

- jaro3
- Security team member
Re: please check my log, pls .. thanks
Not really..
21:15:27.968 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
21:15:28.031 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
Run TDSSKiller again, and after it download Combofix again and run a scan..
Re: please check my log, pls .. thanks
I downloaded TDSSKiller; it didn't detect these two, but it found some 5 others that are supposedly not that harmful,
-just a question, I know it's off topic, but might you know: I have a Creative VF0470 Live camera notebook webcam (it looks like this: http://www.swsd.sk/creative-webcam-live ... 34302.html) but I'm missing the installation CD, and I probably deleted the program. Can it be downloaded somewhere? I searched the net; mostly on English-language sites there are several identical questions, but through them I always only get to a program that looks up updates for the whole system, and right before installing the requested product a window about payment pops up at me
, I just need to get the camera working. thanks (are you from CB?)
ComboFix 13-02-26.01 - pokus 28.02.2013 13:37:12.8.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.694 [GMT 1:00]
Spuštěný z: c:\documents and settings\pokus\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\pokus\LOCALS~1\Temp\is1590112554\uninstaller.exe
c:\documents and settings\pokus\Local Settings\temp\is1590112554\uninstaller.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-28 do 2013-02-28 )))))))))))))))))))))))))))))))
.
.
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\pokus\Data aplikací\DSite
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Babylon
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\program files\VideoConverter
2013-02-22 10:12 . 2013-02-22 10:19 -------- d-----w- c:\program files\CrystalDiskInfo
2013-02-21 09:40 . 2013-02-21 09:40 -------- d-----w- c:\program files\Common Files\Skype
2013-02-18 13:09 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-02-17 00:47 . 2013-02-19 06:38 -------- d-----w- c:\program files\Railroad Tycoon 3 Demo
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-12 14:54 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-12 13:35 . 2013-02-12 13:35 50688 ----a-w- c:\program files\ATF-Cleaner.exe
2013-02-11 19:08 . 2013-02-11 19:08 388096 ----a-r- c:\documents and settings\pokus\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-11 19:08 . 2013-02-11 19:08 -------- d-----w- c:\program files\Trend Micro
2013-02-11 16:58 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-11 16:58 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-11 16:58 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-11 16:58 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-11 16:58 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-11 16:58 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-02-11 16:58 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-02-11 16:58 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-02-11 16:57 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-11 16:57 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\program files\AVAST Software
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-02-11 12:09 . 2001-10-25 14:00 138752 -c--a-w- c:\windows\system32\dllcache\sndvol32.exe
2013-02-11 12:09 . 2001-10-25 14:00 138752 ----a-w- c:\windows\system32\sndvol32.exe
2013-02-10 08:31 . 2008-02-18 16:14 106624 ----a-w- c:\windows\system32\drivers\Gt51Ip.sys
2013-02-10 08:31 . 2008-02-08 12:00 59648 ----a-w- c:\windows\system32\drivers\gt72ubus.sys
2013-02-10 08:31 . 2007-03-30 12:38 8064 ----a-w- c:\windows\system32\drivers\gtptser.sys
2013-02-10 08:31 . 2013-02-10 08:31 -------- d-----w- c:\program files\Option
2013-02-10 08:30 . 2013-02-10 08:30 -------- d-----w- c:\program files\Emotum
2013-02-09 17:10 . 2013-02-10 08:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Emotum
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:24 . 2012-04-18 04:45 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-26 21:24 . 2012-02-07 09:41 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2011-11-20 16:54 232336 ------w- c:\windows\system32\MpSigStub.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-09-12 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
.
[-] 2008-09-30 . 07DE423FB70EBAC5136677E3956FDBC3 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\sfcfiles.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-12-23 26624]
"Emotum Mobile Broadband"="c:\program files\Emotum\Mobile Broadband\Mobile.exe" [2009-05-14 348968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-30 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-30 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-30 138008]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-30 102400]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pokus^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\pokus\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 10:25 208896 -c--a-w- c:\program files\Acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 -c--a-w- c:\program files\Acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 -c--a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 10:44 475136 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 09:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitLord_1.01.ex\\BitLord.exe"=
"c:\\Documents and Settings\\pokus\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2013 17:58 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2013 17:58 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2013 17:58 21256]
R2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GtDetectSc.exe [18.12.2007 12:48 196704]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [10.2.2013 9:31 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [10.2.2013 9:31 59648]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12.2.2013 15:54 682344]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.4.2011 10:03 16896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12.2.2013 15:54 21104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.11.2008 5:48 717296]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 80781510
*Deregistered* - 80781510
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 21:24]
.
2013-02-28 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-11 22:50]
.
2013-02-28 c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 195.54.122.221 195.54.122.211
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 13:42
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1008)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1064)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
Celkový čas: 2013-02-28 13:45:18
ComboFix-quarantined-files.txt 2013-02-28 12:45
.
Před spuštěním: Volných bajtů: 12 156 346 368
Po spuštění: Volných bajtů: 12 160 483 328
.
- - End Of File - - DCED546719DBAD99D370CC7B01FCF729
- jaro3
- Security team member
Re: please check my log, pls .. thank you
And where is the log from TDSSKiller?
Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy into it the entire following text marked in green:
Code:
KillAll::
File::
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802
Folder::
c:\documents and settings\pokus\Data aplikací\Babylon
c:\documents and settings\All Users\Data aplikací\Babylon
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: choose All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after applying ComboFix and restarting the computer, Windows does not start, or the desktop does not load, or there are connection problems; then restart the computer again. If that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
Start -> Run and type:
Code:
"%userprofile%\Desktop\boot cleaner.exe" fix \\.\PhysicalDrive0
Then restart the PC.
After the restart, turn off System Restore on all drives.
http://support.microsoft.com/kb/310405/cs
Look here:
C:\System Volume Information\Microsoft--- if this folder (Microsoft) is there, delete it.
Run Bootkit Remover.
- then click into the black window and copy the result here, or post a screenshot
Finally, turn System Restore back on.
- Just a question, I know it's off topic, but you might know: I have a Creative VF0470 Live Camera Notebook camera (it looks like this: http://www.swsd.sk/creative-webcam-live ... 34302.html), but I'm missing the installation CD and I probably deleted the program. Can it be downloaded somewhere? I searched the net; mostly on English-language sites there are several identical questions, but through those I always end up only at a program that looks up updates for the whole system, and just before installing the product I want, a window about payment pops up at me. I just need to get the camera working. Thanks. (Are you from CB?)
Send a request to that manager:
Product manager: Andrej Miklík
http://www.swsd.sk/creative-webcam-live ... 4302.html#
Or start a new topic in another section (SW).
No, from TA.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: please check my log, pls .. thank you
13:18:09.0859 3448 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:18:11.0781 3448 ============================================================
13:18:11.0781 3448 Current date / time: 2013/02/28 13:18:11.0781
13:18:11.0781 3448 SystemInfo:
13:18:11.0781 3448
13:18:11.0781 3448 OS Version: 5.1.2600 ServicePack: 2.0
13:18:11.0781 3448 Product type: Workstation
13:18:11.0781 3448 ComputerName: APOLLO-NOTE
13:18:11.0781 3448 UserName: pokus
13:18:11.0781 3448 Windows directory: C:\WINDOWS
13:18:11.0781 3448 System windows directory: C:\WINDOWS
13:18:11.0781 3448 Processor architecture: Intel x86
13:18:11.0781 3448 Number of processors: 1
13:18:11.0781 3448 Page size: 0x1000
13:18:11.0781 3448 Boot type: Normal boot
13:18:11.0781 3448 ============================================================
13:18:14.0234 3448 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:18:14.0343 3448 ============================================================
13:18:14.0343 3448 \Device\Harddisk0\DR0:
13:18:14.0343 3448 MBR partitions:
13:18:14.0343 3448 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x140635B, BlocksNum 0x4854531
13:18:14.0343 3448 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5C5A88C, BlocksNum 0x38B3C35
13:18:14.0343 3448 ============================================================
13:18:14.0390 3448 C: <-> \Device\Harddisk0\DR0\Partition1
13:18:14.0421 3448 D: <-> \Device\Harddisk0\DR0\Partition2
13:18:14.0593 3448 ============================================================
13:18:14.0593 3448 Initialize success
13:18:14.0593 3448 ============================================================
13:18:17.0500 3292 ============================================================
13:18:17.0500 3292 Scan started
13:18:17.0500 3292 Mode: Manual;
13:18:17.0500 3292 ============================================================
13:18:20.0531 3292 ================ Scan system memory ========================
13:18:20.0531 3292 System memory - ok
13:18:20.0531 3292 ================ Scan services =============================
13:18:20.0656 3292 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
13:18:20.0671 3292 Aavmker4 - ok
13:18:20.0671 3292 Abiosdsk - ok
13:18:20.0687 3292 abp480n5 - ok
13:18:20.0734 3292 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:18:20.0734 3292 ACPI - ok
13:18:20.0750 3292 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
13:18:20.0750 3292 ACPIEC - ok
13:18:20.0828 3292 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:18:20.0859 3292 AdobeFlashPlayerUpdateSvc - ok
13:18:20.0875 3292 adpu160m - ok
13:18:20.0906 3292 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
13:18:20.0906 3292 aec - ok
13:18:20.0921 3292 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:18:20.0921 3292 AFD - ok
13:18:20.0937 3292 Aha154x - ok
13:18:20.0937 3292 aic78u2 - ok
13:18:20.0953 3292 aic78xx - ok
13:18:20.0984 3292 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:18:21.0000 3292 Alerter - ok
13:18:21.0031 3292 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
13:18:21.0031 3292 ALG - ok
13:18:21.0031 3292 AliIde - ok
13:18:21.0046 3292 amsint - ok
13:18:21.0078 3292 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:18:21.0078 3292 AppMgmt - ok
13:18:21.0109 3292 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:18:21.0109 3292 Arp1394 - ok
13:18:21.0125 3292 asc - ok
13:18:21.0125 3292 asc3350p - ok
13:18:21.0140 3292 asc3550 - ok
13:18:21.0234 3292 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:18:21.0250 3292 aspnet_state - ok
13:18:21.0296 3292 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
13:18:21.0296 3292 aswFsBlk - ok
13:18:21.0312 3292 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
13:18:21.0312 3292 aswMon2 - ok
13:18:21.0343 3292 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
13:18:21.0343 3292 AswRdr - ok
13:18:21.0390 3292 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
13:18:21.0390 3292 aswSnx - ok
13:18:21.0437 3292 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
13:18:21.0437 3292 aswSP - ok
13:18:21.0484 3292 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
13:18:21.0484 3292 aswTdi - ok
13:18:21.0531 3292 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:18:21.0531 3292 AsyncMac - ok
13:18:21.0593 3292 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:18:21.0593 3292 atapi - ok
13:18:21.0656 3292 Atdisk - ok
13:18:21.0703 3292 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:18:21.0734 3292 Atmarpc - ok
13:18:21.0781 3292 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:18:21.0781 3292 AudioSrv - ok
13:18:21.0828 3292 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:18:21.0828 3292 audstub - ok
13:18:21.0937 3292 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:18:21.0937 3292 avast! Antivirus - ok
13:18:22.0000 3292 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:18:22.0000 3292 b57w2k - ok
13:18:22.0078 3292 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
13:18:22.0140 3292 BCM43XX - ok
13:18:22.0187 3292 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:18:22.0187 3292 Beep - ok
13:18:22.0234 3292 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
13:18:22.0265 3292 BITS - ok
13:18:22.0328 3292 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
13:18:22.0328 3292 Browser - ok
13:18:22.0390 3292 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:18:22.0406 3292 btaudio - ok
13:18:22.0437 3292 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:18:22.0437 3292 BTDriver - ok
13:18:22.0500 3292 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:18:22.0531 3292 BTKRNL - ok
13:18:22.0593 3292 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:18:22.0609 3292 btwdins - ok
13:18:22.0625 3292 BTWDNDIS - ok
13:18:22.0640 3292 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
13:18:22.0640 3292 btwhid - ok
13:18:22.0656 3292 btwmodem - ok
13:18:22.0671 3292 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:18:22.0687 3292 BTWUSB - ok
13:18:22.0718 3292 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:18:22.0718 3292 cbidf2k - ok
13:18:22.0781 3292 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:18:22.0781 3292 CCDECODE - ok
13:18:22.0781 3292 cd20xrnt - ok
13:18:22.0812 3292 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:18:22.0812 3292 Cdaudio - ok
13:18:22.0875 3292 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:18:22.0875 3292 Cdfs - ok
13:18:22.0890 3292 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:18:22.0890 3292 Cdrom - ok
13:18:22.0937 3292 [ DAF1A8193B6CAF0FB858CADCC5C4AF4A ] Changer C:\WINDOWS\system32\drivers\Changer.sys
13:18:22.0953 3292 Changer - ok
13:18:22.0984 3292 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:18:22.0984 3292 CiSvc - ok
13:18:23.0015 3292 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:18:23.0015 3292 ClipSrv - ok
13:18:23.0046 3292 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:18:23.0093 3292 clr_optimization_v2.0.50727_32 - ok
13:18:23.0140 3292 [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:18:23.0140 3292 CmBatt - ok
13:18:23.0156 3292 CmdIde - ok
13:18:23.0203 3292 [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:18:23.0203 3292 Compbatt - ok
13:18:23.0218 3292 COMSysApp - ok
13:18:23.0234 3292 Cpqarray - ok
13:18:23.0296 3292 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:18:23.0296 3292 CryptSvc - ok
13:18:23.0312 3292 dac2w2k - ok
13:18:23.0312 3292 dac960nt - ok
13:18:23.0375 3292 [ 2B269C916766BDB43404F043B763427D ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:18:23.0390 3292 DcomLaunch - ok
13:18:23.0453 3292 [ 06A30F453CA4CB1431037E4813F697CB ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:18:23.0453 3292 Dhcp - ok
13:18:23.0468 3292 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:18:23.0484 3292 Disk - ok
13:18:23.0546 3292 [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
13:18:23.0546 3292 DKbFltr - ok
13:18:23.0562 3292 dmadmin - ok
13:18:23.0609 3292 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:18:23.0625 3292 dmboot - ok
13:18:23.0625 3292 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:18:23.0640 3292 dmio - ok
13:18:23.0656 3292 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:18:23.0656 3292 dmload - ok
13:18:23.0687 3292 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:18:23.0687 3292 dmserver - ok
13:18:23.0734 3292 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:18:23.0734 3292 DMusic - ok
13:18:23.0781 3292 [ 0EEF8922D46D4846B472B1F6FD0541BC ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:18:23.0781 3292 Dnscache - ok
13:18:23.0781 3292 dpti2o - ok
13:18:23.0828 3292 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:18:23.0828 3292 drmkaud - ok
13:18:23.0906 3292 [ D33EC04D1F0B5F388DE86CCC3333A59F ] eLockService C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
13:18:23.0906 3292 eLockService - ok
13:18:23.0968 3292 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:18:23.0968 3292 ERSvc - ok
13:18:24.0015 3292 [ 4F9F7B567970B524F31D9970A23F7C24 ] Eventlog C:\WINDOWS\system32\services.exe
13:18:24.0031 3292 Eventlog - ok
13:18:24.0078 3292 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
13:18:24.0093 3292 EventSystem - ok
13:18:24.0109 3292 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:18:24.0140 3292 Fastfat - ok
13:18:24.0187 3292 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:18:24.0187 3292 FastUserSwitchingCompatibility - ok
13:18:24.0250 3292 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:18:24.0250 3292 Fdc - ok
13:18:24.0296 3292 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:18:24.0296 3292 Fips - ok
13:18:24.0343 3292 [ 5575EE5823DE1558F8486EB4E33FFA99 ] FlashUSB C:\WINDOWS\system32\DRIVERS\FlashUSB.sys
13:18:24.0343 3292 FlashUSB - ok
13:18:24.0390 3292 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:18:24.0390 3292 Flpydisk - ok
13:18:24.0421 3292 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:18:24.0421 3292 FltMgr - ok
13:18:24.0484 3292 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:18:24.0500 3292 FontCache3.0.0.0 - ok
13:18:24.0546 3292 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
13:18:24.0546 3292 fssfltr - ok
13:18:24.0656 3292 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:18:24.0687 3292 fsssvc - ok
13:18:24.0734 3292 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:18:24.0750 3292 Fs_Rec - ok
13:18:24.0781 3292 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:18:24.0781 3292 Ftdisk - ok
13:18:24.0828 3292 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:18:24.0843 3292 Gpc - ok
13:18:24.0890 3292 [ 20A940D96E69BE65F9B6E4695BAAC6DC ] GT72NDISIPXP C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys
13:18:24.0890 3292 GT72NDISIPXP - ok
13:18:24.0937 3292 [ 1678D49EA3E76CCABDE89D7B26D5061C ] GT72UBUS C:\WINDOWS\system32\DRIVERS\gt72ubus.sys
13:18:24.0937 3292 GT72UBUS - ok
13:18:25.0015 3292 [ 4A58B52E866BC50F81F63FE181384982 ] GTDetectSc C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
13:18:25.0015 3292 GTDetectSc - ok
13:18:25.0046 3292 [ 346DDAEFA04E49AD804EE12D4BAA0ED3 ] GTPTSER C:\WINDOWS\system32\DRIVERS\gtptser.sys
13:18:25.0046 3292 GTPTSER - ok
13:18:25.0109 3292 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:18:25.0109 3292 HDAudBus - ok
13:18:25.0187 3292 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:18:25.0187 3292 helpsvc - ok
13:18:25.0203 3292 HidServ - ok
13:18:25.0250 3292 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:18:25.0250 3292 HidUsb - ok
13:18:25.0265 3292 hpn - ok
13:18:25.0328 3292 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:18:25.0328 3292 HSFHWAZL - ok
13:18:25.0359 3292 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:18:25.0375 3292 HSF_DPV - ok
13:18:25.0421 3292 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:18:25.0437 3292 HTTP - ok
13:18:25.0468 3292 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:18:25.0484 3292 HTTPFilter - ok
13:18:25.0546 3292 [ 2310CA92D37D97C9231ADF1796B47B9D ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
13:18:25.0546 3292 hwdatacard - ok
13:18:25.0609 3292 [ 8F09F91B5C91363B77BCD15599570F2C ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:18:25.0609 3292 i2omgmt - ok
13:18:25.0625 3292 i2omp - ok
13:18:25.0671 3292 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:18:25.0687 3292 i8042prt - ok
13:18:25.0937 3292 [ 28423512370705AEDA6A652FEDB25468 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
13:18:26.0156 3292 ialm - ok
13:18:26.0218 3292 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:18:26.0250 3292 idsvc - ok
13:18:26.0250 3292 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:18:26.0250 3292 Imapi - ok
13:18:26.0296 3292 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:18:26.0296 3292 ImapiService - ok
13:18:26.0312 3292 ini910u - ok
13:18:26.0375 3292 [ F8F75594C17FE7BCE1B4045BB7199868 ] int15 C:\WINDOWS\system32\drivers\int15.sys
13:18:26.0390 3292 int15 - ok
13:18:26.0562 3292 [ 12F4D2AA29745DC2A403FF42E75CF7FA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:18:26.0750 3292 IntcAzAudAddService - ok
13:18:26.0750 3292 IntelIde - ok
13:18:26.0796 3292 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:18:26.0796 3292 intelppm - ok
13:18:26.0843 3292 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:18:26.0843 3292 Ip6Fw - ok
13:18:26.0890 3292 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:18:26.0890 3292 IpFilterDriver - ok
13:18:26.0921 3292 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:18:26.0921 3292 IpInIp - ok
13:18:26.0968 3292 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:18:26.0968 3292 IpNat - ok
13:18:27.0015 3292 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:18:27.0015 3292 IPSec - ok
13:18:27.0078 3292 [ 86C204836FEEC22510D434982D4221B8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
13:18:27.0093 3292 irda - ok
13:18:27.0125 3292 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:18:27.0140 3292 IRENUM - ok
13:18:27.0156 3292 [ E16AC23F81CFE1223AB470F9982DE89D ] Irmon C:\WINDOWS\System32\irmon.dll
13:18:27.0156 3292 Irmon - ok
13:18:27.0218 3292 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:18:27.0218 3292 isapnp - ok
13:18:27.0312 3292 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
13:18:27.0328 3292 JavaQuickStarterService - ok
13:18:27.0328 3292 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:18:27.0343 3292 Kbdclass - ok
13:18:27.0390 3292 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:18:27.0406 3292 kmixer - ok
13:18:27.0421 3292 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:18:27.0421 3292 KSecDD - ok
13:18:27.0484 3292 [ 9757F6E16FD1EAB54D6EB9D5EB3CBCB5 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:18:27.0500 3292 lanmanserver - ok
13:18:27.0546 3292 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:18:27.0562 3292 lanmanworkstation - ok
13:18:27.0625 3292 [ CC50A66548C2F285BC8A7B0B8AA578E3 ] lbrtfdc C:\WINDOWS\system32\drivers\lbrtfdc.sys
13:18:27.0625 3292 lbrtfdc - ok
13:18:27.0687 3292 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:18:27.0687 3292 LmHosts - ok
13:18:27.0718 3292 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:18:27.0734 3292 MBAMProtector - ok
13:18:27.0781 3292 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:18:27.0781 3292 MBAMScheduler - ok
13:18:27.0828 3292 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:18:27.0859 3292 MBAMService - ok
13:18:27.0953 3292 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
13:18:27.0953 3292 MDM - ok
13:18:28.0015 3292 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:18:28.0015 3292 mdmxsdk - ok
13:18:28.0046 3292 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:18:28.0046 3292 Messenger - ok
13:18:28.0125 3292 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:18:28.0125 3292 Microsoft Office Groove Audit Service - ok
13:18:28.0187 3292 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:18:28.0187 3292 mnmdd - ok
13:18:28.0218 3292 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:18:28.0234 3292 mnmsrvc - ok
13:18:28.0281 3292 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:18:28.0281 3292 Modem - ok
13:18:28.0296 3292 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:18:28.0296 3292 Mouclass - ok
13:18:28.0359 3292 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:18:28.0359 3292 mouhid - ok
13:18:28.0375 3292 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:18:28.0375 3292 MountMgr - ok
13:18:28.0390 3292 mraid35x - ok
13:18:28.0421 3292 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:18:28.0421 3292 MRxDAV - ok
13:18:28.0484 3292 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:18:28.0500 3292 MRxSmb - ok
13:18:28.0531 3292 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:18:28.0593 3292 MSDTC - ok
13:18:28.0625 3292 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:18:28.0625 3292 Msfs - ok
13:18:28.0625 3292 MSIServer - ok
13:18:28.0656 3292 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:18:28.0656 3292 MSKSSRV - ok
13:18:28.0671 3292 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:18:28.0671 3292 MSPCLOCK - ok
13:18:28.0687 3292 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:18:28.0687 3292 MSPQM - ok
13:18:28.0718 3292 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:18:28.0718 3292 mssmbios - ok
13:18:28.0750 3292 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:18:28.0750 3292 MSTEE - ok
13:18:28.0781 3292 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:18:28.0781 3292 Mup - ok
13:18:28.0812 3292 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:18:28.0812 3292 NABTSFEC - ok
13:18:28.0953 3292 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
13:18:28.0968 3292 NBService - ok
13:18:29.0031 3292 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:18:29.0031 3292 NDIS - ok
13:18:29.0078 3292 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:18:29.0093 3292 NdisIP - ok
13:18:29.0125 3292 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:18:29.0125 3292 NdisTapi - ok
13:18:29.0187 3292 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:18:29.0203 3292 Ndisuio - ok
13:18:29.0203 3292 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:18:29.0203 3292 NdisWan - ok
13:18:29.0234 3292 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:18:29.0250 3292 NDProxy - ok
13:18:29.0265 3292 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:18:29.0281 3292 NetBIOS - ok
13:18:29.0296 3292 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:18:29.0312 3292 NetBT - ok
13:18:29.0343 3292 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:18:29.0343 3292 NetDDE - ok
13:18:29.0359 3292 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:18:29.0359 3292 NetDDEdsdm - ok
13:18:29.0406 3292 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:18:29.0406 3292 Netlogon - ok
13:18:29.0468 3292 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
13:18:29.0468 3292 Netman - ok
13:18:29.0515 3292 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:18:29.0515 3292 NetTcpPortSharing - ok
13:18:29.0546 3292 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:18:29.0546 3292 NIC1394 - ok
13:18:29.0593 3292 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
13:18:29.0609 3292 Nla - ok
13:18:29.0625 3292 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:18:29.0625 3292 Npfs - ok
13:18:29.0671 3292 [ 6216798D29C3BA9D0D6F40BBBAB694A5 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
13:18:29.0671 3292 NSCIRDA - ok
13:18:29.0718 3292 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:18:29.0718 3292 Ntfs - ok
13:18:29.0750 3292 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:18:29.0750 3292 NtLmSsp - ok
13:18:29.0796 3292 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:18:29.0859 3292 NtmsSvc - ok
13:18:29.0921 3292 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:18:29.0921 3292 Null - ok
13:18:29.0984 3292 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:18:29.0984 3292 NwlnkFlt - ok
13:18:30.0046 3292 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:18:30.0046 3292 NwlnkFwd - ok
13:18:30.0218 3292 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:18:30.0265 3292 odserv - ok
13:18:30.0296 3292 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:18:30.0296 3292 ohci1394 - ok
13:18:30.0343 3292 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:18:30.0343 3292 ose - ok
13:18:30.0406 3292 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:18:30.0406 3292 Parport - ok
13:18:30.0421 3292 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:18:30.0421 3292 PartMgr - ok
13:18:30.0500 3292 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:18:30.0500 3292 ParVdm - ok
13:18:30.0531 3292 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:18:30.0531 3292 PCI - ok
13:18:30.0546 3292 PCIDump - ok
13:18:30.0562 3292 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:18:30.0562 3292 PCIIde - ok
13:18:30.0562 3292 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:18:30.0562 3292 Pcmcia - ok
13:18:30.0578 3292 PDCOMP - ok
13:18:30.0578 3292 PDFRAME - ok
13:18:30.0593 3292 PDRELI - ok
13:18:30.0609 3292 PDRFRAME - ok
13:18:30.0609 3292 perc2 - ok
13:18:30.0625 3292 perc2hib - ok
13:18:30.0671 3292 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
13:18:30.0687 3292 PlugPlay - ok
13:18:30.0687 3292 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:18:30.0703 3292 PolicyAgent - ok
13:18:30.0734 3292 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:18:30.0750 3292 PptpMiniport - ok
13:18:30.0750 3292 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:18:30.0750 3292 ProtectedStorage - ok
13:18:30.0765 3292 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:18:30.0765 3292 PSched - ok
13:18:30.0796 3292 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:18:30.0796 3292 Ptilink - ok
13:18:30.0828 3292 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:18:30.0843 3292 PxHelp20 - ok
13:18:30.0859 3292 ql1080 - ok
13:18:30.0875 3292 Ql10wnt - ok
13:18:30.0875 3292 ql12160 - ok
13:18:30.0890 3292 ql1240 - ok
13:18:30.0890 3292 ql1280 - ok
13:18:30.0921 3292 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:18:30.0921 3292 RasAcd - ok
13:18:30.0953 3292 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:18:30.0953 3292 RasAuto - ok
13:18:31.0000 3292 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:18:31.0000 3292 Rasirda - ok
13:18:31.0015 3292 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:18:31.0015 3292 Rasl2tp - ok
13:18:31.0062 3292 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:18:31.0078 3292 RasMan - ok
13:18:31.0093 3292 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:18:31.0109 3292 RasPppoe - ok
13:18:31.0140 3292 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:18:31.0140 3292 Raspti - ok
13:18:31.0171 3292 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:18:31.0171 3292 Rdbss - ok
13:18:31.0203 3292 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:18:31.0203 3292 RDPCDD - ok
13:18:31.0281 3292 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:18:31.0281 3292 rdpdr - ok
13:18:31.0343 3292 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:18:31.0343 3292 RDPWD - ok
13:18:31.0390 3292 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:18:31.0406 3292 RDSessMgr - ok
13:18:31.0437 3292 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:18:31.0437 3292 redbook - ok
13:18:31.0500 3292 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:18:31.0500 3292 RemoteAccess - ok
13:18:31.0531 3292 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:18:31.0546 3292 RemoteRegistry - ok
13:18:31.0593 3292 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:18:31.0593 3292 RpcLocator - ok
13:18:31.0640 3292 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:18:31.0640 3292 RpcSs - ok
13:18:31.0671 3292 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:18:31.0687 3292 RSVP - ok
13:18:31.0718 3292 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
13:18:31.0718 3292 SamSs - ok
13:18:31.0750 3292 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:18:31.0765 3292 SCardSvr - ok
13:18:31.0796 3292 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:18:31.0796 3292 Schedule - ok
13:18:31.0828 3292 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:18:31.0828 3292 sdbus - ok
13:18:31.0921 3292 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:18:31.0921 3292 SeaPort - ok
13:18:31.0937 3292 Secdrv - ok
13:18:31.0984 3292 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:18:31.0984 3292 seclogon - ok
13:18:38.0265 3292 ================ Scan global ===============================
13:18:38.0328 3292 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
13:18:38.0359 3292 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:18:38.0390 3292 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:18:38.0406 3292 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
13:18:38.0421 3292 [Global] - ok
13:18:38.0421 3292 ================ Scan MBR ==================================
13:18:38.0437 3292 [ 3B00EB857BBA060EBA3B17F7019E492F ] \Device\Harddisk0\DR0
13:18:38.0656 3292 \Device\Harddisk0\DR0 - ok
13:18:38.0656 3292 ================ Scan VBR ==================================
13:18:38.0656 3292 [ 547DBCB024D36DE448AAAA6124F86884 ] \Device\Harddisk0\DR0\Partition1
13:18:38.0671 3292 \Device\Harddisk0\DR0\Partition1 - ok
13:18:38.0687 3292 [ 4BB30DA74C6C98EB818B7C9E216C119C ] \Device\Harddisk0\DR0\Partition2
13:18:38.0687 3292 \Device\Harddisk0\DR0\Partition2 - ok
13:18:38.0703 3292 ============================================================
13:18:38.0703 3292 Scan finished
13:18:38.0703 3292 ============================================================
13:18:38.0718 3844 Detected object count: 0
13:18:38.0718 3844 Actual detected object count: 0
13:19:07.0296 3952 ============================================================
13:19:07.0296 3952 Scan started
13:19:07.0296 3952 Mode: Manual; SigCheck; TDLFS;
13:19:07.0296 3952 ============================================================
13:19:07.0562 3952 ================ Scan system memory ========================
13:19:07.0562 3952 System memory - ok
13:19:07.0562 3952 ================ Scan services =============================
13:18:11.0781 3448 ============================================================
13:18:11.0781 3448 Current date / time: 2013/02/28 13:18:11.0781
13:18:11.0781 3448 SystemInfo:
13:18:11.0781 3448
13:18:11.0781 3448 OS Version: 5.1.2600 ServicePack: 2.0
13:18:11.0781 3448 Product type: Workstation
13:18:11.0781 3448 ComputerName: APOLLO-NOTE
13:18:11.0781 3448 UserName: pokus
13:18:11.0781 3448 Windows directory: C:\WINDOWS
13:18:11.0781 3448 System windows directory: C:\WINDOWS
13:18:11.0781 3448 Processor architecture: Intel x86
13:18:11.0781 3448 Number of processors: 1
13:18:11.0781 3448 Page size: 0x1000
13:18:11.0781 3448 Boot type: Normal boot
13:18:11.0781 3448 ============================================================
13:18:14.0234 3448 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:18:14.0343 3448 ============================================================
13:18:14.0343 3448 \Device\Harddisk0\DR0:
13:18:14.0343 3448 MBR partitions:
13:18:14.0343 3448 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x140635B, BlocksNum 0x4854531
13:18:14.0343 3448 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5C5A88C, BlocksNum 0x38B3C35
13:18:14.0343 3448 ============================================================
13:18:14.0390 3448 C: <-> \Device\Harddisk0\DR0\Partition1
13:18:14.0421 3448 D: <-> \Device\Harddisk0\DR0\Partition2
13:18:14.0593 3448 ============================================================
13:18:14.0593 3448 Initialize success
13:18:14.0593 3448 ============================================================
13:18:17.0500 3292 ============================================================
13:18:17.0500 3292 Scan started
13:18:17.0500 3292 Mode: Manual;
13:18:17.0500 3292 ============================================================
13:18:20.0531 3292 ================ Scan system memory ========================
13:18:20.0531 3292 System memory - ok
13:18:20.0531 3292 ================ Scan services =============================
13:18:29.0281 3292 NetBIOS - ok
13:18:29.0296 3292 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:18:29.0312 3292 NetBT - ok
13:18:29.0343 3292 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:18:29.0343 3292 NetDDE - ok
13:18:29.0359 3292 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:18:29.0359 3292 NetDDEdsdm - ok
13:18:29.0406 3292 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:18:29.0406 3292 Netlogon - ok
13:18:29.0468 3292 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
13:18:29.0468 3292 Netman - ok
13:18:29.0515 3292 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:18:29.0515 3292 NetTcpPortSharing - ok
13:18:29.0546 3292 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:18:29.0546 3292 NIC1394 - ok
13:18:29.0593 3292 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
13:18:29.0609 3292 Nla - ok
13:18:29.0625 3292 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:18:29.0625 3292 Npfs - ok
13:18:29.0671 3292 [ 6216798D29C3BA9D0D6F40BBBAB694A5 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
13:18:29.0671 3292 NSCIRDA - ok
13:18:29.0718 3292 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:18:29.0718 3292 Ntfs - ok
13:18:29.0750 3292 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:18:29.0750 3292 NtLmSsp - ok
13:18:29.0796 3292 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:18:29.0859 3292 NtmsSvc - ok
13:18:29.0921 3292 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:18:29.0921 3292 Null - ok
13:18:29.0984 3292 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:18:29.0984 3292 NwlnkFlt - ok
13:18:30.0046 3292 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:18:30.0046 3292 NwlnkFwd - ok
13:18:30.0218 3292 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:18:30.0265 3292 odserv - ok
13:18:30.0296 3292 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:18:30.0296 3292 ohci1394 - ok
13:18:30.0343 3292 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:18:30.0343 3292 ose - ok
13:18:30.0406 3292 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:18:30.0406 3292 Parport - ok
13:18:30.0421 3292 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:18:30.0421 3292 PartMgr - ok
13:18:30.0500 3292 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:18:30.0500 3292 ParVdm - ok
13:18:30.0531 3292 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:18:30.0531 3292 PCI - ok
13:18:30.0546 3292 PCIDump - ok
13:18:30.0562 3292 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:18:30.0562 3292 PCIIde - ok
13:18:30.0562 3292 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:18:30.0562 3292 Pcmcia - ok
13:18:30.0578 3292 PDCOMP - ok
13:18:30.0578 3292 PDFRAME - ok
13:18:30.0593 3292 PDRELI - ok
13:18:30.0609 3292 PDRFRAME - ok
13:18:30.0609 3292 perc2 - ok
13:18:30.0625 3292 perc2hib - ok
13:18:30.0671 3292 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
13:18:30.0687 3292 PlugPlay - ok
13:18:30.0687 3292 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:18:30.0703 3292 PolicyAgent - ok
13:18:30.0734 3292 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:18:30.0750 3292 PptpMiniport - ok
13:18:30.0750 3292 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:18:30.0750 3292 ProtectedStorage - ok
13:18:30.0765 3292 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:18:30.0765 3292 PSched - ok
13:18:30.0796 3292 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:18:30.0796 3292 Ptilink - ok
13:18:30.0828 3292 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:18:30.0843 3292 PxHelp20 - ok
13:18:30.0859 3292 ql1080 - ok
13:18:30.0875 3292 Ql10wnt - ok
13:18:30.0875 3292 ql12160 - ok
13:18:30.0890 3292 ql1240 - ok
13:18:30.0890 3292 ql1280 - ok
13:18:30.0921 3292 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:18:30.0921 3292 RasAcd - ok
13:18:30.0953 3292 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:18:30.0953 3292 RasAuto - ok
13:18:31.0000 3292 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:18:31.0000 3292 Rasirda - ok
13:18:31.0015 3292 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:18:31.0015 3292 Rasl2tp - ok
13:18:31.0062 3292 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:18:31.0078 3292 RasMan - ok
13:18:31.0093 3292 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:18:31.0109 3292 RasPppoe - ok
13:18:31.0140 3292 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:18:31.0140 3292 Raspti - ok
13:18:31.0171 3292 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:18:31.0171 3292 Rdbss - ok
13:18:31.0203 3292 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:18:31.0203 3292 RDPCDD - ok
13:18:31.0281 3292 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:18:31.0281 3292 rdpdr - ok
13:18:31.0343 3292 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:18:31.0343 3292 RDPWD - ok
13:18:31.0390 3292 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:18:31.0406 3292 RDSessMgr - ok
13:18:31.0437 3292 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:18:31.0437 3292 redbook - ok
13:18:31.0500 3292 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:18:31.0500 3292 RemoteAccess - ok
13:18:31.0531 3292 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:18:31.0546 3292 RemoteRegistry - ok
13:18:31.0593 3292 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:18:31.0593 3292 RpcLocator - ok
13:18:31.0640 3292 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:18:31.0640 3292 RpcSs - ok
13:18:31.0671 3292 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:18:31.0687 3292 RSVP - ok
13:18:31.0718 3292 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
13:18:31.0718 3292 SamSs - ok
13:18:31.0750 3292 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:18:31.0765 3292 SCardSvr - ok
13:18:31.0796 3292 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:18:31.0796 3292 Schedule - ok
13:18:31.0828 3292 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:18:31.0828 3292 sdbus - ok
13:18:31.0921 3292 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:18:31.0921 3292 SeaPort - ok
13:18:31.0937 3292 Secdrv - ok
13:18:31.0984 3292 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:18:31.0984 3292 seclogon - ok
13:18:32.0031 3292 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
13:18:32.0046 3292 SENS - ok
13:18:32.0109 3292 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
13:18:32.0109 3292 Serial - ok
13:18:32.0187 3292 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:18:32.0203 3292 ServiceLayer - ok
13:18:32.0250 3292 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:18:32.0265 3292 Sfloppy - ok
13:18:32.0312 3292 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:18:32.0328 3292 SharedAccess - ok
13:18:32.0343 3292 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:18:32.0343 3292 ShellHWDetection - ok
13:18:32.0359 3292 Simbad - ok
13:18:32.0390 3292 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:18:32.0390 3292 SLIP - ok
13:18:32.0406 3292 Sparrow - ok
13:18:32.0468 3292 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:18:32.0484 3292 splitter - ok
13:18:32.0531 3292 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:18:32.0531 3292 Spooler - ok
13:18:32.0640 3292 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
13:18:32.0671 3292 sptd - ok
13:18:32.0718 3292 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:18:32.0718 3292 sr - ok
13:18:32.0765 3292 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
13:18:32.0765 3292 srservice - ok
13:18:32.0875 3292 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:18:32.0875 3292 Srv - ok
13:18:32.0921 3292 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:18:32.0921 3292 SSDPSRV - ok
13:18:32.0968 3292 [ B824215A934A24928CDDD1EF7E113035 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:18:32.0984 3292 stisvc - ok
13:18:33.0031 3292 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:18:33.0031 3292 streamip - ok
13:18:33.0062 3292 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:18:33.0062 3292 swenum - ok
13:18:33.0093 3292 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:18:33.0109 3292 swmidi - ok
13:18:33.0109 3292 SwPrv - ok
13:18:33.0125 3292 symc810 - ok
13:18:33.0125 3292 symc8xx - ok
13:18:33.0140 3292 sym_hi - ok
13:18:33.0156 3292 sym_u3 - ok
13:18:33.0203 3292 [ CC5DA243CFDAC58FC0408F7CE24084C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:18:33.0203 3292 SynTP - ok
13:18:33.0250 3292 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:18:33.0250 3292 sysaudio - ok
13:18:33.0296 3292 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:18:33.0296 3292 SysmonLog - ok
13:18:33.0343 3292 [ 250241D65CCF692AEACC318A266413C2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:18:33.0359 3292 TapiSrv - ok
13:18:33.0390 3292 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:18:33.0390 3292 Tcpip - ok
13:18:33.0437 3292 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:18:33.0437 3292 TDPIPE - ok
13:18:33.0484 3292 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:18:33.0484 3292 TDTCP - ok
13:18:33.0531 3292 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:18:33.0531 3292 TermDD - ok
13:18:33.0546 3292 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
13:18:33.0562 3292 TermService - ok
13:18:33.0562 3292 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:18:33.0578 3292 Themes - ok
13:18:33.0625 3292 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
13:18:33.0640 3292 tifm21 - ok
13:18:33.0671 3292 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:18:33.0687 3292 TlntSvr - ok
13:18:33.0687 3292 TosIde - ok
13:18:33.0718 3292 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:18:33.0734 3292 TrkWks - ok
13:18:33.0781 3292 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
13:18:33.0796 3292 tvicport - ok
13:18:33.0812 3292 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:18:33.0812 3292 Udfs - ok
13:18:33.0828 3292 UIUSys - ok
13:18:33.0828 3292 ultra - ok
13:18:33.0906 3292 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:18:33.0921 3292 Update - ok
13:18:33.0953 3292 [ 0C0C2C77C6B52181369594F2AA36AF40 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:18:33.0968 3292 upnphost - ok
13:18:34.0015 3292 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
13:18:34.0015 3292 UPS - ok
13:18:34.0062 3292 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:18:34.0062 3292 usbaudio - ok
13:18:34.0062 3292 usbbus - ok
13:18:34.0125 3292 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:18:34.0125 3292 usbccgp - ok
13:18:34.0125 3292 UsbDiag - ok
13:18:34.0171 3292 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:18:34.0171 3292 usbehci - ok
13:18:34.0203 3292 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:18:34.0218 3292 usbhub - ok
13:18:34.0218 3292 USBModem - ok
13:18:34.0265 3292 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:18:34.0281 3292 usbscan - ok
13:18:34.0312 3292 [ 49106EE29074E6A3D3AC9E24C6D791D8 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
13:18:34.0312 3292 usbser - ok
13:18:34.0328 3292 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:18:34.0328 3292 USBSTOR - ok
13:18:34.0359 3292 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:18:34.0359 3292 usbuhci - ok
13:18:34.0359 3292 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:18:34.0375 3292 VgaSave - ok
13:18:34.0375 3292 ViaIde - ok
13:18:34.0421 3292 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:18:34.0421 3292 VolSnap - ok
13:18:34.0453 3292 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
13:18:34.0468 3292 VSS - ok
13:18:34.0500 3292 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
13:18:34.0515 3292 W32Time - ok
13:18:34.0531 3292 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:18:34.0531 3292 Wanarp - ok
13:18:36.0328 3292 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:18:36.0671 3292 Wdf01000 - ok
13:18:36.0687 3292 WDICA - ok
13:18:36.0750 3292 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:18:36.0781 3292 wdmaud - ok
13:18:36.0859 3292 [ 4BD50644CF52F00091F894AB7541E538 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:18:36.0984 3292 WebClient - ok
13:18:37.0156 3292 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:18:37.0203 3292 winachsf - ok
13:18:37.0296 3292 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:18:37.0296 3292 winmgmt - ok
13:18:37.0359 3292 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:18:37.0359 3292 WmdmPmSN - ok
13:18:37.0437 3292 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
13:18:37.0453 3292 Wmi - ok
13:18:37.0484 3292 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:18:37.0484 3292 WmiAcpi - ok
13:18:37.0546 3292 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:18:37.0562 3292 WmiApSrv - ok
13:18:37.0656 3292 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:18:37.0671 3292 WMPNetworkSvc - ok
13:18:37.0703 3292 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
13:18:37.0734 3292 WpdUsb - ok
13:18:37.0750 3292 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:18:37.0750 3292 WS2IFSL - ok
13:18:37.0812 3292 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:18:37.0812 3292 wscsvc - ok
13:18:37.0859 3292 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:18:37.0859 3292 WSTCODEC - ok
13:18:37.0890 3292 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:18:37.0906 3292 wuauserv - ok
13:18:37.0953 3292 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:18:37.0953 3292 WudfPf - ok
13:18:38.0000 3292 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:18:38.0015 3292 WudfRd - ok
13:18:38.0062 3292 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:18:38.0062 3292 WudfSvc - ok
13:18:38.0125 3292 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:18:38.0140 3292 WZCSVC - ok
13:18:38.0187 3292 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:18:38.0187 3292 xmlprov - ok
13:18:38.0234 3292 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
13:18:38.0234 3292 zntport - ok
13:18:38.0265 3292 ================ Scan global ===============================
13:18:38.0328 3292 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
13:18:38.0359 3292 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:18:38.0390 3292 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:18:38.0406 3292 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
13:18:38.0421 3292 [Global] - ok
13:18:38.0421 3292 ================ Scan MBR ==================================
13:18:38.0437 3292 [ 3B00EB857BBA060EBA3B17F7019E492F ] \Device\Harddisk0\DR0
13:18:38.0656 3292 \Device\Harddisk0\DR0 - ok
13:18:38.0656 3292 ================ Scan VBR ==================================
13:18:38.0656 3292 [ 547DBCB024D36DE448AAAA6124F86884 ] \Device\Harddisk0\DR0\Partition1
13:18:38.0671 3292 \Device\Harddisk0\DR0\Partition1 - ok
13:18:38.0687 3292 [ 4BB30DA74C6C98EB818B7C9E216C119C ] \Device\Harddisk0\DR0\Partition2
13:18:38.0687 3292 \Device\Harddisk0\DR0\Partition2 - ok
13:18:38.0703 3292 ============================================================
13:18:38.0703 3292 Scan finished
13:18:38.0703 3292 ============================================================
13:18:38.0718 3844 Detected object count: 0
13:18:38.0718 3844 Actual detected object count: 0
13:19:07.0296 3952 ============================================================
13:19:07.0296 3952 Scan started
13:19:07.0296 3952 Mode: Manual; SigCheck; TDLFS;
13:19:07.0296 3952 ============================================================
13:19:07.0562 3952 ================ Scan system memory ========================
13:19:07.0562 3952 System memory - ok
13:19:07.0562 3952 ================ Scan services =============================
13:19:24.0781 3952 [ D33EC04D1F0B5F388DE86CCC3333A59F ] eLockService C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
13:19:24.0812 3952 eLockService ( UnsignedFile.Multi.Generic ) - warning
13:19:24.0812 3952 eLockService - detected UnsignedFile.Multi.Generic (1)
13:19:28.0890 3952 [ 4A58B52E866BC50F81F63FE181384982 ] GTDetectSc C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
13:19:28.0906 3952 GTDetectSc ( UnsignedFile.Multi.Generic ) - warning
13:19:28.0906 3952 GTDetectSc - detected UnsignedFile.Multi.Generic (1)
13:19:28.0968 3952 [ 346DDAEFA04E49AD804EE12D4BAA0ED3 ] GTPTSER C:\WINDOWS\system32\DRIVERS\gtptser.sys
13:19:29.0015 3952 GTPTSER - ok
13:19:29.0078 3952 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:19:29.0125 3952 HDAudBus - ok
13:19:29.0203 3952 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:19:29.0359 3952 helpsvc - ok
13:19:29.0359 3952 HidServ - ok
13:19:29.0437 3952 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:19:29.0609 3952 HidUsb - ok
13:19:29.0609 3952 hpn - ok
13:19:29.0671 3952 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:19:29.0718 3952 HSFHWAZL - ok
13:19:29.0781 3952 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:19:29.0828 3952 HSF_DPV - ok
13:19:29.0890 3952 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:19:29.0937 3952 HTTP - ok
13:19:29.0984 3952 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:19:30.0156 3952 HTTPFilter - ok
13:19:30.0250 3952 [ 2310CA92D37D97C9231ADF1796B47B9D ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
13:19:30.0328 3952 hwdatacard - ok
13:19:30.0375 3952 [ 8F09F91B5C91363B77BCD15599570F2C ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:19:30.0531 3952 i2omgmt - ok
13:19:30.0546 3952 i2omp - ok
13:19:30.0640 3952 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:19:30.0812 3952 i8042prt - ok
13:19:31.0062 3952 [ 28423512370705AEDA6A652FEDB25468 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
13:19:31.0312 3952 ialm - ok
13:19:31.0390 3952 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:19:31.0437 3952 idsvc - ok
13:19:31.0468 3952 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:19:31.0625 3952 Imapi - ok
13:19:31.0671 3952 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:19:31.0843 3952 ImapiService - ok
13:19:31.0859 3952 ini910u - ok
13:19:31.0937 3952 [ F8F75594C17FE7BCE1B4045BB7199868 ] int15 C:\WINDOWS\system32\drivers\int15.sys
13:19:31.0953 3952 int15 - ok
13:19:32.0140 3952 [ 12F4D2AA29745DC2A403FF42E75CF7FA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:19:32.0359 3952 IntcAzAudAddService - ok
13:19:32.0375 3952 IntelIde - ok
13:19:32.0421 3952 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:19:32.0578 3952 intelppm - ok
13:19:32.0625 3952 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:19:32.0921 3952 Ip6Fw - ok
13:19:32.0937 3952 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:19:33.0140 3952 IpFilterDriver - ok
13:19:33.0218 3952 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:19:33.0375 3952 IpInIp - ok
13:19:33.0437 3952 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:19:33.0937 3952 IpNat - ok
13:19:33.0968 3952 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:19:34.0125 3952 IPSec - ok
13:19:34.0140 3952 [ 86C204836FEEC22510D434982D4221B8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
13:19:34.0265 3952 irda - ok
13:19:34.0296 3952 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:19:34.0406 3952 IRENUM - ok
13:19:34.0421 3952 [ E16AC23F81CFE1223AB470F9982DE89D ] Irmon C:\WINDOWS\System32\irmon.dll
13:19:34.0531 3952 Irmon - ok
13:19:34.0640 3952 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:19:34.0796 3952 isapnp - ok
13:19:34.0890 3952 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
13:19:34.0890 3952 JavaQuickStarterService - ok
13:19:34.0906 3952 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:19:35.0062 3952 Kbdclass - ok
13:19:35.0140 3952 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:19:35.0656 3952 kmixer - ok
13:19:35.0703 3952 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:19:35.0796 3952 KSecDD - ok
13:19:35.0843 3952 [ 9757F6E16FD1EAB54D6EB9D5EB3CBCB5 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:19:36.0359 3952 lanmanserver - ok
13:19:36.0421 3952 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:19:36.0453 3952 lanmanworkstation - ok
13:19:36.0500 3952 [ CC50A66548C2F285BC8A7B0B8AA578E3 ] lbrtfdc C:\WINDOWS\system32\drivers\lbrtfdc.sys
13:19:36.0656 3952 lbrtfdc - ok
13:19:36.0734 3952 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:19:36.0890 3952 LmHosts - ok
13:19:36.0921 3952 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:19:36.0937 3952 MBAMProtector - ok
13:19:36.0984 3952 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:19:37.0000 3952 MBAMScheduler - ok
13:19:37.0046 3952 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:19:37.0078 3952 MBAMService - ok
13:19:37.0140 3952 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
13:19:37.0187 3952 MDM ( UnsignedFile.Multi.Generic ) - warning
13:19:37.0187 3952 MDM - detected UnsignedFile.Multi.Generic (1)
13:19:37.0234 3952 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:19:37.0265 3952 mdmxsdk - ok
13:19:37.0296 3952 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:19:37.0468 3952 Messenger - ok
13:19:37.0515 3952 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:19:37.0531 3952 Microsoft Office Groove Audit Service - ok
13:19:37.0562 3952 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:19:37.0796 3952 mnmdd - ok
13:19:37.0828 3952 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:19:38.0000 3952 mnmsrvc - ok
13:19:38.0046 3952 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:19:38.0187 3952 Modem - ok
13:19:38.0203 3952 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:19:38.0406 3952 Mouclass - ok
13:19:38.0453 3952 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:19:38.0609 3952 mouhid - ok
13:19:38.0625 3952 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:19:38.0781 3952 MountMgr - ok
13:19:38.0781 3952 mraid35x - ok
13:19:38.0812 3952 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:19:39.0359 3952 MRxDAV - ok
13:19:39.0406 3952 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:19:39.0484 3952 MRxSmb - ok
13:19:39.0531 3952 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:19:39.0796 3952 MSDTC - ok
13:19:39.0812 3952 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:19:40.0015 3952 Msfs - ok
13:19:40.0015 3952 MSIServer - ok
13:19:40.0109 3952 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:19:40.0281 3952 MSKSSRV - ok
13:19:40.0312 3952 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:19:40.0484 3952 MSPCLOCK - ok
13:19:40.0531 3952 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:19:40.0671 3952 MSPQM - ok
13:19:40.0703 3952 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:19:40.0859 3952 mssmbios - ok
13:19:40.0921 3952 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:19:41.0078 3952 MSTEE - ok
13:19:41.0140 3952 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:19:41.0281 3952 Mup - ok
13:19:41.0312 3952 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:19:41.0468 3952 NABTSFEC - ok
13:19:41.0609 3952 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
13:19:41.0656 3952 NBService ( UnsignedFile.Multi.Generic ) - warning
13:19:41.0656 3952 NBService - detected UnsignedFile.Multi.Generic (1)
13:19:41.0703 3952 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:19:41.0890 3952 NDIS - ok
13:19:41.0921 3952 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:19:42.0093 3952 NdisIP - ok
13:19:42.0140 3952 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:19:42.0359 3952 NdisTapi - ok
13:19:42.0421 3952 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:19:42.0578 3952 Ndisuio - ok
13:19:42.0593 3952 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:19:42.0812 3952 NdisWan - ok
13:19:42.0828 3952 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:19:43.0000 3952 NDProxy - ok
13:19:43.0015 3952 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:19:43.0187 3952 NetBIOS - ok
13:19:43.0203 3952 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:19:43.0375 3952 NetBT - ok
13:19:43.0406 3952 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:19:43.0562 3952 NetDDE - ok
13:19:43.0578 3952 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:19:43.0718 3952 NetDDEdsdm - ok
13:19:43.0781 3952 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:19:43.0937 3952 Netlogon - ok
13:19:44.0015 3952 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
13:19:44.0546 3952 Netman - ok
13:19:44.0593 3952 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:19:44.0593 3952 NetTcpPortSharing - ok
13:19:44.0609 3952 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:19:44.0781 3952 NIC1394 - ok
13:19:44.0828 3952 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
13:19:44.0921 3952 Nla - ok
13:19:44.0953 3952 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:19:45.0125 3952 Npfs - ok
13:19:45.0218 3952 [ 6216798D29C3BA9D0D6F40BBBAB694A5 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
13:19:45.0328 3952 NSCIRDA - ok
13:19:45.0343 3952 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:19:45.0906 3952 Ntfs - ok
13:19:45.0921 3952 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:19:46.0078 3952 NtLmSsp - ok
13:19:46.0109 3952 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:19:46.0296 3952 NtmsSvc - ok
13:19:46.0328 3952 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:19:46.0484 3952 Null - ok
13:19:46.0531 3952 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:19:46.0781 3952 NwlnkFlt - ok
13:19:46.0796 3952 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:19:47.0000 3952 NwlnkFwd - ok
13:19:47.0078 3952 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:19:47.0125 3952 odserv - ok
13:19:47.0156 3952 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:19:47.0328 3952 ohci1394 - ok
13:19:47.0390 3952 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:19:47.0406 3952 ose - ok
13:19:47.0453 3952 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:19:47.0625 3952 Parport - ok
13:19:47.0625 3952 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:19:47.0843 3952 PartMgr - ok
13:19:47.0906 3952 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:19:48.0062 3952 ParVdm - ok
13:19:48.0093 3952 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:19:48.0250 3952 PCI - ok
13:19:48.0250 3952 PCIDump - ok
13:19:48.0265 3952 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:19:48.0406 3952 PCIIde - ok
13:19:48.0421 3952 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:19:48.0578 3952 Pcmcia - ok
13:19:48.0578 3952 PDCOMP - ok
13:19:48.0593 3952 PDFRAME - ok
13:19:48.0609 3952 PDRELI - ok
13:19:48.0609 3952 PDRFRAME - ok
13:19:48.0625 3952 perc2 - ok
13:19:48.0640 3952 perc2hib - ok
13:19:48.0687 3952 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
13:19:48.0796 3952 PlugPlay - ok
13:19:48.0828 3952 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:19:48.0968 3952 PolicyAgent - ok
13:19:49.0015 3952 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:19:49.0171 3952 PptpMiniport - ok
13:19:49.0171 3952 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:19:49.0328 3952 ProtectedStorage - ok
13:19:49.0328 3952 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:19:49.0546 3952 PSched - ok
13:19:49.0578 3952 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:19:49.0734 3952 Ptilink - ok
13:19:49.0750 3952 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:19:49.0750 3952 PxHelp20 - ok
13:19:49.0765 3952 ql1080 - ok
13:19:49.0781 3952 Ql10wnt - ok
13:19:49.0781 3952 ql12160 - ok
13:19:49.0796 3952 ql1240 - ok
13:19:49.0796 3952 ql1280 - ok
13:19:49.0828 3952 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:19:49.0984 3952 RasAcd - ok
13:19:50.0015 3952 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:19:50.0171 3952 RasAuto - ok
13:19:50.0187 3952 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:19:50.0281 3952 Rasirda - ok
13:19:50.0328 3952 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:19:50.0484 3952 Rasl2tp - ok
13:19:50.0546 3952 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:19:51.0078 3952 RasMan - ok
13:19:51.0078 3952 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:19:51.0234 3952 RasPppoe - ok
13:19:51.0265 3952 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:19:51.0421 3952 Raspti - ok
13:19:51.0484 3952 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:19:52.0031 3952 Rdbss - ok
13:19:52.0062 3952 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:19:52.0203 3952 RDPCDD - ok
13:19:52.0312 3952 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:19:52.0468 3952 rdpdr - ok
13:19:52.0546 3952 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:19:53.0078 3952 RDPWD - ok
13:19:53.0125 3952 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:19:53.0296 3952 RDSessMgr - ok
13:19:53.0328 3952 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:19:53.0484 3952 redbook - ok
13:19:53.0531 3952 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:19:53.0781 3952 RemoteAccess - ok
13:19:53.0828 3952 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:19:54.0000 3952 RemoteRegistry - ok
13:19:54.0093 3952 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:19:54.0234 3952 RpcLocator - ok
13:19:54.0281 3952 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:19:54.0421 3952 RpcSs - ok
13:19:54.0453 3952 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:19:54.0625 3952 RSVP - ok
13:19:54.0671 3952 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
13:19:54.0828 3952 SamSs - ok
13:19:54.0890 3952 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:19:55.0062 3952 SCardSvr - ok
13:19:55.0109 3952 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:19:55.0265 3952 Schedule - ok
13:19:55.0281 3952 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:19:55.0437 3952 sdbus - ok
13:19:55.0546 3952 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:19:55.0546 3952 SeaPort - ok
13:19:55.0562 3952 Secdrv - ok
13:19:55.0609 3952 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:19:55.0765 3952 seclogon - ok
13:19:55.0781 3952 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
13:19:55.0937 3952 SENS - ok
13:19:55.0984 3952 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
13:19:56.0156 3952 Serial - ok
13:19:56.0234 3952 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:19:56.0265 3952 ServiceLayer - ok
13:19:56.0312 3952 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:19:56.0468 3952 Sfloppy - ok
13:19:56.0546 3952 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:19:56.0734 3952 SharedAccess - ok
13:19:56.0765 3952 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:19:57.0296 3952 ShellHWDetection - ok
13:19:57.0312 3952 Simbad - ok
13:19:57.0359 3952 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:19:57.0500 3952 SLIP - ok
13:19:57.0515 3952 Sparrow - ok
13:19:57.0562 3952 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:19:58.0109 3952 splitter - ok
13:19:58.0156 3952 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:19:58.0703 3952 Spooler - ok
13:19:58.0765 3952 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
13:19:58.0796 3952 sptd - ok
13:19:58.0843 3952 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:19:58.0953 3952 sr - ok
13:19:59.0000 3952 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
13:19:59.0109 3952 srservice - ok
13:19:59.0156 3952 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:19:59.0234 3952 Srv - ok
13:19:59.0281 3952 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:19:59.0406 3952 SSDPSRV - ok
13:19:59.0453 3952 [ B824215A934A24928CDDD1EF7E113035 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:20:00.0031 3952 stisvc - ok
13:20:00.0078 3952 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:20:00.0312 3952 streamip - ok
13:20:00.0375 3952 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:20:00.0593 3952 swenum - ok
13:20:00.0656 3952 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:20:00.0890 3952 swmidi - ok
13:20:00.0906 3952 SwPrv - ok
13:20:00.0906 3952 symc810 - ok
13:20:00.0921 3952 symc8xx - ok
13:20:00.0937 3952 sym_hi - ok
13:20:00.0937 3952 sym_u3 - ok
13:20:01.0281 3952 [ CC5DA243CFDAC58FC0408F7CE24084C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:20:01.0421 3952 SynTP - ok
13:20:01.0468 3952 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:20:01.0671 3952 sysaudio - ok
13:20:01.0734 3952 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:20:01.0921 3952 SysmonLog - ok
13:20:02.0000 3952 [ 250241D65CCF692AEACC318A266413C2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:20:02.0703 3952 TapiSrv - ok
13:20:02.0750 3952 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:20:02.0968 3952 Tcpip - ok
13:20:03.0000 3952 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:20:03.0171 3952 TDPIPE - ok
13:20:03.0187 3952 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:20:03.0359 3952 TDTCP - ok
13:20:03.0390 3952 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:20:03.0546 3952 TermDD - ok
13:20:03.0578 3952 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
13:20:03.0750 3952 TermService - ok
13:20:03.0750 3952 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:20:04.0328 3952 Themes - ok
13:20:04.0390 3952 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
13:20:04.0421 3952 tifm21 - ok
13:20:04.0468 3952 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:20:04.0609 3952 TlntSvr - ok
13:20:04.0625 3952 TosIde - ok
13:20:04.0640 3952 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:20:04.0812 3952 TrkWks - ok
13:20:04.0890 3952 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
13:20:04.0890 3952 tvicport ( UnsignedFile.Multi.Generic ) - warning
13:20:04.0890 3952 tvicport - detected UnsignedFile.Multi.Generic (1)
13:20:04.0937 3952 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:20:05.0078 3952 Udfs - ok
13:20:05.0078 3952 UIUSys - ok
13:20:05.0093 3952 ultra - ok
13:20:05.0187 3952 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:20:05.0781 3952 Update - ok
13:20:05.0812 3952 [ 0C0C2C77C6B52181369594F2AA36AF40 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:20:06.0390 3952 upnphost - ok
13:20:06.0421 3952 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
13:20:06.0578 3952 UPS - ok
13:20:06.0687 3952 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:20:07.0031 3952 usbaudio - ok
13:20:07.0046 3952 usbbus - ok
13:20:07.0062 3952 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:20:07.0234 3952 usbccgp - ok
13:20:07.0250 3952 UsbDiag - ok
13:20:07.0296 3952 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:20:07.0453 3952 usbehci - ok
13:20:07.0500 3952 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:20:07.0750 3952 usbhub - ok
13:20:07.0765 3952 USBModem - ok
13:20:07.0812 3952 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:20:08.0015 3952 usbscan - ok
13:20:08.0062 3952 [ 49106EE29074E6A3D3AC9E24C6D791D8 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
13:20:08.0203 3952 usbser - ok
13:20:08.0281 3952 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:20:08.0437 3952 USBSTOR - ok
13:20:08.0468 3952 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:20:08.0625 3952 usbuhci - ok
13:20:08.0640 3952 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:20:08.0796 3952 VgaSave - ok
13:20:08.0796 3952 ViaIde - ok
13:20:08.0843 3952 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:20:09.0000 3952 VolSnap - ok
13:20:09.0109 3952 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
13:20:09.0218 3952 VSS - ok
13:20:09.0234 3952 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
13:20:09.0390 3952 W32Time - ok
13:20:09.0453 3952 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:20:09.0687 3952 Wanarp - ok
13:20:09.0750 3952 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:20:09.0781 3952 Wdf01000 - ok
13:20:09.0781 3952 WDICA - ok
13:20:09.0812 3952 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:20:10.0390 3952 wdmaud - ok
13:20:10.0437 3952 [ 4BD50644CF52F00091F894AB7541E538 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:20:11.0000 3952 WebClient - ok
13:20:11.0062 3952 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:20:11.0109 3952 winachsf - ok
13:20:11.0203 3952 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:20:11.0359 3952 winmgmt - ok
13:20:11.0468 3952 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:20:11.0562 3952 WmdmPmSN - ok
13:20:11.0625 3952 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
13:20:11.0765 3952 Wmi - ok
13:20:11.0796 3952 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:20:11.0953 3952 WmiAcpi - ok
13:20:12.0015 3952 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:20:12.0171 3952 WmiApSrv - ok
13:20:12.0328 3952 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:20:12.0359 3952 WMPNetworkSvc - ok
13:20:12.0406 3952 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
13:20:12.0453 3952 WpdUsb - ok
13:20:12.0453 3952 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:20:12.0625 3952 WS2IFSL - ok
13:20:12.0671 3952 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:20:12.0843 3952 wscsvc - ok
13:20:12.0859 3952 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:20:13.0078 3952 WSTCODEC - ok
13:20:13.0171 3952 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:20:13.0328 3952 wuauserv - ok
13:20:13.0359 3952 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:20:13.0421 3952 WudfPf - ok
13:20:13.0453 3952 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:20:13.0484 3952 WudfRd - ok
13:20:13.0515 3952 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:20:13.0546 3952 WudfSvc - ok
13:20:13.0609 3952 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:20:13.0796 3952 WZCSVC - ok
13:20:13.0812 3952 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:20:13.0984 3952 xmlprov - ok
13:20:14.0062 3952 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
13:20:14.0078 3952 zntport ( UnsignedFile.Multi.Generic ) - warning
13:20:14.0078 3952 zntport - detected UnsignedFile.Multi.Generic (1)
13:20:14.0109 3952 ================ Scan global ===============================
13:20:14.0171 3952 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
13:20:14.0218 3952 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:20:14.0250 3952 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:20:14.0296 3952 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
13:20:14.0296 3952 [Global] - ok
13:20:14.0296 3952 ================ Scan MBR ==================================
13:20:14.0328 3952 [ 3B00EB857BBA060EBA3B17F7019E492F ] \Device\Harddisk0\DR0
13:20:14.0562 3952 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:20:14.0562 3952 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:20:14.0562 3952 ================ Scan VBR ==================================
13:20:14.0562 3952 [ 547DBCB024D36DE448AAAA6124F86884 ] \Device\Harddisk0\DR0\Partition1
13:20:14.0562 3952 \Device\Harddisk0\DR0\Partition1 - ok
13:20:14.0593 3952 [ 4BB30DA74C6C98EB818B7C9E216C119C ] \Device\Harddisk0\DR0\Partition2
13:20:14.0593 3952 \Device\Harddisk0\DR0\Partition2 - ok
13:20:14.0609 3952 ============================================================
13:20:14.0609 3952 Scan finished
13:20:14.0609 3952 ============================================================
13:20:14.0765 0248 Detected object count: 7
13:20:14.0765 0248 Actual detected object count: 7
13:22:24.0656 0248 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 GTDetectSc ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 GTDetectSc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:22:24.0656 0248 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:22:30.0484 2396 Deinitialize success
13:19:15.0625 3952 aspnet_state - ok
13:19:15.0656 3952 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
13:19:15.0671 3952 aswFsBlk - ok
13:19:15.0671 3952 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
13:19:15.0687 3952 aswMon2 - ok
13:19:15.0718 3952 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
13:19:15.0734 3952 AswRdr - ok
13:19:15.0750 3952 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
13:19:15.0781 3952 aswSnx - ok
13:19:15.0812 3952 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
13:19:15.0843 3952 aswSP - ok
13:19:15.0890 3952 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
13:19:15.0890 3952 aswTdi - ok
13:19:15.0953 3952 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:19:16.0343 3952 AsyncMac - ok
13:19:16.0375 3952 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:19:16.0546 3952 atapi - ok
13:19:16.0562 3952 Atdisk - ok
13:19:16.0671 3952 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:19:16.0859 3952 Atmarpc - ok
13:19:16.0890 3952 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:19:17.0093 3952 AudioSrv - ok
13:19:17.0171 3952 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:19:17.0343 3952 audstub - ok
13:19:17.0453 3952 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:19:17.0468 3952 avast! Antivirus - ok
13:19:17.0515 3952 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:19:17.0578 3952 b57w2k - ok
13:19:17.0656 3952 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
13:19:17.0734 3952 BCM43XX - ok
13:19:17.0781 3952 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:19:18.0015 3952 Beep - ok
13:19:18.0062 3952 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
13:19:18.0328 3952 BITS - ok
13:19:18.0359 3952 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
13:19:18.0546 3952 Browser - ok
13:19:18.0609 3952 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:19:18.0671 3952 btaudio - ok
13:19:18.0687 3952 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:19:18.0703 3952 BTDriver - ok
13:19:18.0828 3952 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:19:18.0875 3952 BTKRNL - ok
13:19:18.0921 3952 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:19:18.0937 3952 btwdins - ok
13:19:18.0937 3952 BTWDNDIS - ok
13:19:19.0000 3952 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
13:19:19.0000 3952 btwhid - ok
13:19:19.0000 3952 btwmodem - ok
13:19:19.0031 3952 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:19:19.0078 3952 BTWUSB - ok
13:19:19.0125 3952 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:19:19.0312 3952 cbidf2k - ok
13:19:19.0359 3952 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:19:19.0515 3952 CCDECODE - ok
13:19:19.0531 3952 cd20xrnt - ok
13:19:19.0562 3952 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:19:19.0734 3952 Cdaudio - ok
13:19:19.0781 3952 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:19:19.0937 3952 Cdfs - ok
13:19:19.0984 3952 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:19:20.0156 3952 Cdrom - ok
13:19:20.0265 3952 [ DAF1A8193B6CAF0FB858CADCC5C4AF4A ] Changer C:\WINDOWS\system32\drivers\Changer.sys
13:19:20.0437 3952 Changer - ok
13:19:20.0468 3952 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:19:20.0640 3952 CiSvc - ok
13:19:20.0656 3952 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:19:20.0812 3952 ClipSrv - ok
13:19:20.0859 3952 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:19:20.0875 3952 clr_optimization_v2.0.50727_32 - ok
13:19:20.0906 3952 [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:19:21.0078 3952 CmBatt - ok
13:19:21.0078 3952 CmdIde - ok
13:19:21.0156 3952 [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:19:21.0328 3952 Compbatt - ok
13:19:21.0343 3952 COMSysApp - ok
13:19:21.0359 3952 Cpqarray - ok
13:19:21.0453 3952 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:19:21.0625 3952 CryptSvc - ok
13:19:21.0625 3952 dac2w2k - ok
13:19:21.0640 3952 dac960nt - ok
13:19:21.0687 3952 [ 2B269C916766BDB43404F043B763427D ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:19:21.0906 3952 DcomLaunch - ok
13:19:21.0953 3952 [ 06A30F453CA4CB1431037E4813F697CB ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:19:22.0437 3952 Dhcp - ok
13:19:22.0453 3952 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:22.0687 3952 Disk - ok
13:19:22.0750 3952 [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
13:19:22.0812 3952 DKbFltr - ok
13:19:22.0812 3952 dmadmin - ok
13:19:22.0875 3952 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:19:23.0046 3952 dmboot - ok
13:19:23.0140 3952 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:19:23.0296 3952 dmio - ok
13:19:23.0343 3952 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:19:23.0515 3952 dmload - ok
13:19:23.0546 3952 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:19:23.0703 3952 dmserver - ok
13:19:23.0750 3952 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:19:23.0921 3952 DMusic - ok
13:19:23.0953 3952 [ 0EEF8922D46D4846B472B1F6FD0541BC ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:19:24.0453 3952 Dnscache - ok
13:19:24.0453 3952 dpti2o - ok
13:19:24.0500 3952 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:19:24.0671 3952 drmkaud - ok
13:19:24.0781 3952 [ D33EC04D1F0B5F388DE86CCC3333A59F ] eLockService C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
13:19:24.0812 3952 eLockService ( UnsignedFile.Multi.Generic ) - warning
13:19:24.0812 3952 eLockService - detected UnsignedFile.Multi.Generic (1)
13:19:24.0859 3952 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:19:25.0031 3952 ERSvc - ok
13:19:25.0078 3952 [ 4F9F7B567970B524F31D9970A23F7C24 ] Eventlog C:\WINDOWS\system32\services.exe
13:19:25.0203 3952 Eventlog - ok
13:19:25.0250 3952 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
13:19:25.0281 3952 EventSystem - ok
13:19:25.0312 3952 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:19:25.0484 3952 Fastfat - ok
13:19:25.0562 3952 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:19:26.0156 3952 FastUserSwitchingCompatibility - ok
13:19:26.0203 3952 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:19:26.0593 3952 Fdc - ok
13:19:26.0640 3952 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:19:26.0812 3952 Fips - ok
13:19:26.0843 3952 [ 5575EE5823DE1558F8486EB4E33FFA99 ] FlashUSB C:\WINDOWS\system32\DRIVERS\FlashUSB.sys
13:19:26.0921 3952 FlashUSB - ok
13:19:26.0968 3952 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:19:27.0140 3952 Flpydisk - ok
13:19:27.0171 3952 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:19:27.0687 3952 FltMgr - ok
13:19:27.0734 3952 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:19:27.0750 3952 FontCache3.0.0.0 - ok
13:19:27.0796 3952 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
13:19:27.0796 3952 fssfltr - ok
13:19:27.0953 3952 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:19:27.0984 3952 fsssvc - ok
13:19:28.0031 3952 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:19:28.0171 3952 Fs_Rec - ok
13:19:28.0218 3952 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:19:28.0359 3952 Ftdisk - ok
13:19:28.0437 3952 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:19:28.0593 3952 Gpc - ok
13:19:28.0656 3952 [ 20A940D96E69BE65F9B6E4695BAAC6DC ] GT72NDISIPXP C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys
13:19:28.0703 3952 GT72NDISIPXP - ok
13:19:28.0750 3952 [ 1678D49EA3E76CCABDE89D7B26D5061C ] GT72UBUS C:\WINDOWS\system32\DRIVERS\gt72ubus.sys
13:19:28.0812 3952 GT72UBUS - ok
13:19:28.0890 3952 [ 4A58B52E866BC50F81F63FE181384982 ] GTDetectSc C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
13:19:28.0906 3952 GTDetectSc ( UnsignedFile.Multi.Generic ) - warning
13:19:28.0906 3952 GTDetectSc - detected UnsignedFile.Multi.Generic (1)
13:19:28.0968 3952 [ 346DDAEFA04E49AD804EE12D4BAA0ED3 ] GTPTSER C:\WINDOWS\system32\DRIVERS\gtptser.sys
13:19:29.0015 3952 GTPTSER - ok
13:19:29.0078 3952 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:19:29.0125 3952 HDAudBus - ok
13:19:29.0203 3952 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:19:29.0359 3952 helpsvc - ok
13:19:29.0359 3952 HidServ - ok
13:19:29.0437 3952 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:19:29.0609 3952 HidUsb - ok
13:19:29.0609 3952 hpn - ok
13:19:29.0671 3952 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:19:29.0718 3952 HSFHWAZL - ok
13:19:29.0781 3952 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:19:29.0828 3952 HSF_DPV - ok
13:19:29.0890 3952 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:19:29.0937 3952 HTTP - ok
13:19:29.0984 3952 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:19:30.0156 3952 HTTPFilter - ok
13:19:30.0250 3952 [ 2310CA92D37D97C9231ADF1796B47B9D ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
13:19:30.0328 3952 hwdatacard - ok
13:19:30.0375 3952 [ 8F09F91B5C91363B77BCD15599570F2C ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:19:30.0531 3952 i2omgmt - ok
13:19:30.0546 3952 i2omp - ok
13:19:30.0640 3952 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:19:30.0812 3952 i8042prt - ok
13:19:31.0062 3952 [ 28423512370705AEDA6A652FEDB25468 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
13:19:31.0312 3952 ialm - ok
13:19:31.0390 3952 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:19:31.0437 3952 idsvc - ok
13:19:31.0468 3952 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:19:31.0625 3952 Imapi - ok
13:19:31.0671 3952 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:19:31.0843 3952 ImapiService - ok
13:19:31.0859 3952 ini910u - ok
13:19:31.0937 3952 [ F8F75594C17FE7BCE1B4045BB7199868 ] int15 C:\WINDOWS\system32\drivers\int15.sys
13:19:31.0953 3952 int15 - ok
13:19:32.0140 3952 [ 12F4D2AA29745DC2A403FF42E75CF7FA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:19:32.0359 3952 IntcAzAudAddService - ok
13:19:32.0375 3952 IntelIde - ok
13:19:32.0421 3952 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:19:32.0578 3952 intelppm - ok
13:19:32.0625 3952 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:19:32.0921 3952 Ip6Fw - ok
13:19:32.0937 3952 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:19:33.0140 3952 IpFilterDriver - ok
13:19:33.0218 3952 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:19:33.0375 3952 IpInIp - ok
13:19:33.0437 3952 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:19:33.0937 3952 IpNat - ok
13:19:33.0968 3952 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:19:34.0125 3952 IPSec - ok
13:19:34.0140 3952 [ 86C204836FEEC22510D434982D4221B8 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
13:19:34.0265 3952 irda - ok
13:19:34.0296 3952 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:19:34.0406 3952 IRENUM - ok
13:19:34.0421 3952 [ E16AC23F81CFE1223AB470F9982DE89D ] Irmon C:\WINDOWS\System32\irmon.dll
13:19:34.0531 3952 Irmon - ok
13:19:34.0640 3952 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:19:34.0796 3952 isapnp - ok
13:19:34.0890 3952 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
13:19:34.0890 3952 JavaQuickStarterService - ok
13:19:34.0906 3952 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:19:35.0062 3952 Kbdclass - ok
13:19:35.0140 3952 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:19:35.0656 3952 kmixer - ok
13:19:35.0703 3952 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:19:35.0796 3952 KSecDD - ok
13:19:35.0843 3952 [ 9757F6E16FD1EAB54D6EB9D5EB3CBCB5 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:19:36.0359 3952 lanmanserver - ok
13:19:36.0421 3952 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:19:36.0453 3952 lanmanworkstation - ok
13:19:36.0500 3952 [ CC50A66548C2F285BC8A7B0B8AA578E3 ] lbrtfdc C:\WINDOWS\system32\drivers\lbrtfdc.sys
13:19:36.0656 3952 lbrtfdc - ok
13:19:36.0734 3952 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:19:36.0890 3952 LmHosts - ok
13:19:36.0921 3952 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:19:36.0937 3952 MBAMProtector - ok
13:19:36.0984 3952 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:19:37.0000 3952 MBAMScheduler - ok
13:19:37.0046 3952 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:19:37.0078 3952 MBAMService - ok
13:19:37.0140 3952 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
13:19:37.0187 3952 MDM ( UnsignedFile.Multi.Generic ) - warning
13:19:37.0187 3952 MDM - detected UnsignedFile.Multi.Generic (1)
13:19:37.0234 3952 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:19:37.0265 3952 mdmxsdk - ok
13:19:37.0296 3952 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:19:37.0468 3952 Messenger - ok
13:19:37.0515 3952 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:19:37.0531 3952 Microsoft Office Groove Audit Service - ok
13:19:37.0562 3952 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:19:37.0796 3952 mnmdd - ok
13:19:37.0828 3952 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:19:38.0000 3952 mnmsrvc - ok
13:19:38.0046 3952 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:19:38.0187 3952 Modem - ok
13:19:38.0203 3952 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:19:38.0406 3952 Mouclass - ok
13:19:38.0453 3952 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:19:38.0609 3952 mouhid - ok
13:19:38.0625 3952 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:19:38.0781 3952 MountMgr - ok
13:19:38.0781 3952 mraid35x - ok
13:19:38.0812 3952 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:19:39.0359 3952 MRxDAV - ok
13:19:39.0406 3952 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:19:39.0484 3952 MRxSmb - ok
13:19:39.0531 3952 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:19:39.0796 3952 MSDTC - ok
13:19:39.0812 3952 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:19:40.0015 3952 Msfs - ok
13:19:40.0015 3952 MSIServer - ok
13:19:40.0109 3952 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:19:40.0281 3952 MSKSSRV - ok
13:19:40.0312 3952 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:19:40.0484 3952 MSPCLOCK - ok
13:19:40.0531 3952 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:19:40.0671 3952 MSPQM - ok
13:19:40.0703 3952 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:19:40.0859 3952 mssmbios - ok
13:19:40.0921 3952 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:19:41.0078 3952 MSTEE - ok
13:19:41.0140 3952 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:19:41.0281 3952 Mup - ok
13:19:41.0312 3952 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:19:41.0468 3952 NABTSFEC - ok
13:19:41.0609 3952 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
13:19:41.0656 3952 NBService ( UnsignedFile.Multi.Generic ) - warning
13:19:41.0656 3952 NBService - detected UnsignedFile.Multi.Generic (1)
13:19:41.0703 3952 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:19:41.0890 3952 NDIS - ok
13:19:41.0921 3952 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:19:42.0093 3952 NdisIP - ok
13:19:42.0140 3952 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:19:42.0359 3952 NdisTapi - ok
13:19:42.0421 3952 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:19:42.0578 3952 Ndisuio - ok
13:19:42.0593 3952 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:19:42.0812 3952 NdisWan - ok
13:19:42.0828 3952 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:19:43.0000 3952 NDProxy - ok
13:19:43.0015 3952 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:19:43.0187 3952 NetBIOS - ok
13:19:43.0203 3952 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:19:43.0375 3952 NetBT - ok
13:19:43.0406 3952 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:19:43.0562 3952 NetDDE - ok
13:19:43.0578 3952 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:19:43.0718 3952 NetDDEdsdm - ok
13:19:43.0781 3952 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:19:43.0937 3952 Netlogon - ok
13:19:44.0015 3952 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
13:19:44.0546 3952 Netman - ok
13:19:44.0593 3952 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:19:44.0593 3952 NetTcpPortSharing - ok
13:19:44.0609 3952 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:19:44.0781 3952 NIC1394 - ok
13:19:44.0828 3952 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
13:19:44.0921 3952 Nla - ok
13:19:44.0953 3952 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:19:45.0125 3952 Npfs - ok
13:19:45.0218 3952 [ 6216798D29C3BA9D0D6F40BBBAB694A5 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
13:19:45.0328 3952 NSCIRDA - ok
13:19:45.0343 3952 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:19:45.0906 3952 Ntfs - ok
13:19:45.0921 3952 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:19:46.0078 3952 NtLmSsp - ok
13:19:46.0109 3952 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:19:46.0296 3952 NtmsSvc - ok
13:19:46.0328 3952 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:19:46.0484 3952 Null - ok
13:19:46.0531 3952 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:19:46.0781 3952 NwlnkFlt - ok
13:19:46.0796 3952 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:19:47.0000 3952 NwlnkFwd - ok
13:19:47.0078 3952 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:19:47.0125 3952 odserv - ok
13:19:47.0156 3952 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:19:47.0328 3952 ohci1394 - ok
13:19:47.0390 3952 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:19:47.0406 3952 ose - ok
13:19:47.0453 3952 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:19:47.0625 3952 Parport - ok
13:19:47.0625 3952 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:19:47.0843 3952 PartMgr - ok
13:19:47.0906 3952 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:19:48.0062 3952 ParVdm - ok
13:19:48.0093 3952 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:19:48.0250 3952 PCI - ok
13:19:48.0250 3952 PCIDump - ok
13:19:48.0265 3952 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:19:48.0406 3952 PCIIde - ok
13:19:48.0421 3952 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:19:48.0578 3952 Pcmcia - ok
13:19:48.0578 3952 PDCOMP - ok
13:19:48.0593 3952 PDFRAME - ok
13:19:48.0609 3952 PDRELI - ok
13:19:48.0609 3952 PDRFRAME - ok
13:19:48.0625 3952 perc2 - ok
13:19:48.0640 3952 perc2hib - ok
13:19:48.0687 3952 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
13:19:48.0796 3952 PlugPlay - ok
13:19:48.0828 3952 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:19:48.0968 3952 PolicyAgent - ok
13:19:49.0015 3952 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:19:49.0171 3952 PptpMiniport - ok
13:19:49.0171 3952 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:19:49.0328 3952 ProtectedStorage - ok
13:19:49.0328 3952 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:19:49.0546 3952 PSched - ok
13:19:49.0578 3952 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:19:49.0734 3952 Ptilink - ok
13:19:49.0750 3952 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:19:49.0750 3952 PxHelp20 - ok
13:19:49.0765 3952 ql1080 - ok
13:19:49.0781 3952 Ql10wnt - ok
13:19:49.0781 3952 ql12160 - ok
13:19:49.0796 3952 ql1240 - ok
13:19:49.0796 3952 ql1280 - ok
13:19:49.0828 3952 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:19:49.0984 3952 RasAcd - ok
13:19:50.0015 3952 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:19:50.0171 3952 RasAuto - ok
13:19:50.0187 3952 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:19:50.0281 3952 Rasirda - ok
13:19:50.0328 3952 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:19:50.0484 3952 Rasl2tp - ok
13:19:50.0546 3952 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:19:51.0078 3952 RasMan - ok
13:19:51.0078 3952 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:19:51.0234 3952 RasPppoe - ok
13:19:51.0265 3952 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:19:51.0421 3952 Raspti - ok
13:19:51.0484 3952 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:19:52.0031 3952 Rdbss - ok
13:19:52.0062 3952 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:19:52.0203 3952 RDPCDD - ok
13:19:52.0312 3952 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:19:52.0468 3952 rdpdr - ok
13:19:52.0546 3952 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:19:53.0078 3952 RDPWD - ok
13:19:53.0125 3952 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:19:53.0296 3952 RDSessMgr - ok
13:19:53.0328 3952 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:19:53.0484 3952 redbook - ok
13:19:53.0531 3952 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:19:53.0781 3952 RemoteAccess - ok
13:19:53.0828 3952 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:19:54.0000 3952 RemoteRegistry - ok
13:19:54.0093 3952 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:19:54.0234 3952 RpcLocator - ok
13:19:54.0281 3952 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:19:54.0421 3952 RpcSs - ok
13:19:54.0453 3952 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:19:54.0625 3952 RSVP - ok
13:19:54.0671 3952 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
13:19:54.0828 3952 SamSs - ok
13:19:54.0890 3952 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:19:55.0062 3952 SCardSvr - ok
13:19:55.0109 3952 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:19:55.0265 3952 Schedule - ok
13:19:55.0281 3952 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:19:55.0437 3952 sdbus - ok
13:19:55.0546 3952 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:19:55.0546 3952 SeaPort - ok
13:19:55.0562 3952 Secdrv - ok
13:19:55.0609 3952 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:19:55.0765 3952 seclogon - ok
13:19:55.0781 3952 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
13:19:55.0937 3952 SENS - ok
13:19:55.0984 3952 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
13:19:56.0156 3952 Serial - ok
13:19:56.0234 3952 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:19:56.0265 3952 ServiceLayer - ok
13:19:56.0312 3952 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:19:56.0468 3952 Sfloppy - ok
13:19:56.0546 3952 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:19:56.0734 3952 SharedAccess - ok
13:19:56.0765 3952 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:19:57.0296 3952 ShellHWDetection - ok
13:19:57.0312 3952 Simbad - ok
13:19:57.0359 3952 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:19:57.0500 3952 SLIP - ok
13:19:57.0515 3952 Sparrow - ok
13:19:57.0562 3952 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:19:58.0109 3952 splitter - ok
13:19:58.0156 3952 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:19:58.0703 3952 Spooler - ok
13:19:58.0765 3952 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
13:19:58.0796 3952 sptd - ok
13:19:58.0843 3952 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:19:58.0953 3952 sr - ok
13:19:59.0000 3952 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
13:19:59.0109 3952 srservice - ok
13:19:59.0156 3952 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:19:59.0234 3952 Srv - ok
13:19:59.0281 3952 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:19:59.0406 3952 SSDPSRV - ok
13:19:59.0453 3952 [ B824215A934A24928CDDD1EF7E113035 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:20:00.0031 3952 stisvc - ok
13:20:00.0078 3952 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:20:00.0312 3952 streamip - ok
13:20:00.0375 3952 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:20:00.0593 3952 swenum - ok
13:20:00.0656 3952 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:20:00.0890 3952 swmidi - ok
13:20:00.0906 3952 SwPrv - ok
13:20:00.0906 3952 symc810 - ok
13:20:00.0921 3952 symc8xx - ok
13:20:00.0937 3952 sym_hi - ok
13:20:00.0937 3952 sym_u3 - ok
13:20:01.0281 3952 [ CC5DA243CFDAC58FC0408F7CE24084C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:20:01.0421 3952 SynTP - ok
13:20:01.0468 3952 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:20:01.0671 3952 sysaudio - ok
13:20:01.0734 3952 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:20:01.0921 3952 SysmonLog - ok
13:20:02.0000 3952 [ 250241D65CCF692AEACC318A266413C2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:20:02.0703 3952 TapiSrv - ok
13:20:02.0750 3952 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:20:02.0968 3952 Tcpip - ok
13:20:03.0000 3952 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:20:03.0171 3952 TDPIPE - ok
13:20:03.0187 3952 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:20:03.0359 3952 TDTCP - ok
13:20:03.0390 3952 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:20:03.0546 3952 TermDD - ok
13:20:03.0578 3952 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
13:20:03.0750 3952 TermService - ok
13:20:03.0750 3952 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:20:04.0328 3952 Themes - ok
13:20:04.0390 3952 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
13:20:04.0421 3952 tifm21 - ok
13:20:04.0468 3952 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:20:04.0609 3952 TlntSvr - ok
13:20:04.0625 3952 TosIde - ok
13:20:04.0640 3952 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:20:04.0812 3952 TrkWks - ok
13:20:04.0890 3952 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
13:20:04.0890 3952 tvicport ( UnsignedFile.Multi.Generic ) - warning
13:20:04.0890 3952 tvicport - detected UnsignedFile.Multi.Generic (1)
13:20:04.0937 3952 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:20:05.0078 3952 Udfs - ok
13:20:05.0078 3952 UIUSys - ok
13:20:05.0093 3952 ultra - ok
13:20:05.0187 3952 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:20:05.0781 3952 Update - ok
13:20:05.0812 3952 [ 0C0C2C77C6B52181369594F2AA36AF40 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:20:06.0390 3952 upnphost - ok
13:20:06.0421 3952 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
13:20:06.0578 3952 UPS - ok
13:20:06.0687 3952 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:20:07.0031 3952 usbaudio - ok
13:20:07.0046 3952 usbbus - ok
13:20:07.0062 3952 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:20:07.0234 3952 usbccgp - ok
13:20:07.0250 3952 UsbDiag - ok
13:20:07.0296 3952 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:20:07.0453 3952 usbehci - ok
13:20:07.0500 3952 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:20:07.0750 3952 usbhub - ok
13:20:07.0765 3952 USBModem - ok
13:20:07.0812 3952 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:20:08.0015 3952 usbscan - ok
13:20:08.0062 3952 [ 49106EE29074E6A3D3AC9E24C6D791D8 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
13:20:08.0203 3952 usbser - ok
13:20:08.0281 3952 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:20:08.0437 3952 USBSTOR - ok
13:20:08.0468 3952 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:20:08.0625 3952 usbuhci - ok
13:20:08.0640 3952 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:20:08.0796 3952 VgaSave - ok
13:20:08.0796 3952 ViaIde - ok
13:20:08.0843 3952 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:20:09.0000 3952 VolSnap - ok
13:20:09.0109 3952 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
13:20:09.0218 3952 VSS - ok
13:20:09.0234 3952 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
13:20:09.0390 3952 W32Time - ok
13:20:09.0453 3952 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:20:09.0687 3952 Wanarp - ok
13:20:09.0750 3952 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:20:09.0781 3952 Wdf01000 - ok
13:20:09.0781 3952 WDICA - ok
13:20:09.0812 3952 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:20:10.0390 3952 wdmaud - ok
13:20:10.0437 3952 [ 4BD50644CF52F00091F894AB7541E538 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:20:11.0000 3952 WebClient - ok
13:20:11.0062 3952 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:20:11.0109 3952 winachsf - ok
13:20:11.0203 3952 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:20:11.0359 3952 winmgmt - ok
13:20:11.0468 3952 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:20:11.0562 3952 WmdmPmSN - ok
13:20:11.0625 3952 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
13:20:11.0765 3952 Wmi - ok
13:20:11.0796 3952 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:20:11.0953 3952 WmiAcpi - ok
13:20:12.0015 3952 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:20:12.0171 3952 WmiApSrv - ok
13:20:12.0328 3952 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:20:12.0359 3952 WMPNetworkSvc - ok
13:20:12.0406 3952 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
13:20:12.0453 3952 WpdUsb - ok
13:20:12.0453 3952 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:20:12.0625 3952 WS2IFSL - ok
13:20:12.0671 3952 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:20:12.0843 3952 wscsvc - ok
13:20:12.0859 3952 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:20:13.0078 3952 WSTCODEC - ok
13:20:13.0171 3952 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:20:13.0328 3952 wuauserv - ok
13:20:13.0359 3952 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:20:13.0421 3952 WudfPf - ok
13:20:13.0453 3952 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:20:13.0484 3952 WudfRd - ok
13:20:13.0515 3952 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:20:13.0546 3952 WudfSvc - ok
13:20:13.0609 3952 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:20:13.0796 3952 WZCSVC - ok
13:20:13.0812 3952 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:20:13.0984 3952 xmlprov - ok
13:20:14.0062 3952 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
13:20:14.0078 3952 zntport ( UnsignedFile.Multi.Generic ) - warning
13:20:14.0078 3952 zntport - detected UnsignedFile.Multi.Generic (1)
13:20:14.0109 3952 ================ Scan global ===============================
13:20:14.0171 3952 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
13:20:14.0218 3952 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:20:14.0250 3952 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
13:20:14.0296 3952 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
13:20:14.0296 3952 [Global] - ok
13:20:14.0296 3952 ================ Scan MBR ==================================
13:20:14.0328 3952 [ 3B00EB857BBA060EBA3B17F7019E492F ] \Device\Harddisk0\DR0
13:20:14.0562 3952 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:20:14.0562 3952 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:20:14.0562 3952 ================ Scan VBR ==================================
13:20:14.0562 3952 [ 547DBCB024D36DE448AAAA6124F86884 ] \Device\Harddisk0\DR0\Partition1
13:20:14.0562 3952 \Device\Harddisk0\DR0\Partition1 - ok
13:20:14.0593 3952 [ 4BB30DA74C6C98EB818B7C9E216C119C ] \Device\Harddisk0\DR0\Partition2
13:20:14.0593 3952 \Device\Harddisk0\DR0\Partition2 - ok
13:20:14.0609 3952 ============================================================
13:20:14.0609 3952 Scan finished
13:20:14.0609 3952 ============================================================
13:20:14.0765 0248 Detected object count: 7
13:20:14.0765 0248 Actual detected object count: 7
13:22:24.0656 0248 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 GTDetectSc ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 GTDetectSc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
13:22:24.0656 0248 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:22:24.0656 0248 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:22:24.0656 0248 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:22:30.0484 2396 Deinitialize success