
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: Bratislava
Please check my log
Logfile of random's system information tool 1.09 (written by random/random)
Run by kubco at 2011-11-19 12:58:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (9%) free of 119 GB
Total RAM: 4095 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:57, on 19. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\kubko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12659 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2120
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007fc
\??\C:\Windows\system32\conhost.exe "103640897726233632688816563-209725818457385764-87927078-1360012862089115324
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0a5783ab-9885-476c-b248-30cbb1497f15 -SystemEventPortName:HostProcess-0af93ffb-72a8-492b-a4be-f06b1d40c62a -IoCancelEventPortName:HostProcess-6e350e93-a846-4805-8122-c6735f34f674 -NonStateChangingEventPortName:HostProcess-46f42717-8c1d-4311-a0a5-7dce02bf3dab -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:329d5970-7e6b-4866-829e-5e7614808bd3
"taskhost.exe"
taskeng.exe {FF247D05-BEB1-4933-9046-6C97613700AB}
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2060
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3448.63417b0.1716515636 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3448 "\\.\pipe\gecko-crash-server-pipe.3448" plugin
C:\Windows\System32\svchost.exe -k DEFRAGSVC
"C:\Windows\system32\dfrgui.exe" /analyze \\?\Volume{7e768145-bf09-11de-a1d6-806e6f6e6963}\
C:\Windows\system32\AUDIODG.EXE 0x498
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 12:58:53 ----D---- C:\Windows\Temp
2011-11-19 12:55:00 ----D---- C:\Windows\Internet Logs
2011-11-19 12:43:36 ----D---- C:\Windows\Prefetch
2011-11-19 12:43:29 ----RD---- C:\Program Files
2011-11-19 11:42:14 ----D---- C:\Windows\tracing
2011-11-19 11:01:22 ----D---- C:\Windows\system32\config
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:48:30 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 10:45:21 ----SHD---- C:\Config.Msi
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:59 ----SHD---- C:\Windows\Installer
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:42 ----D---- C:\Windows\inf
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:41:11 ----SHD---- C:\System Volume Information
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 10:40:34 ----D---- C:\Windows\SysWOW64
2011-11-19 10:40:34 ----D---- C:\Windows\System32
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 21:14:25 ----D---- C:\Windows\system32\drivers
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 13:38:25 ----D---- C:\Windows
2011-11-18 13:36:25 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 16:24:06 ----D---- C:\Nexon
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 adgrk2ph;adgrk2ph; C:\Windows\system32\drivers\adgrk2ph.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2010-07-15 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
-----------------EOF-----------------
"taskhost.exe"
taskeng.exe {FF247D05-BEB1-4933-9046-6C97613700AB}
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2060
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3448.63417b0.1716515636 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3448 "\\.\pipe\gecko-crash-server-pipe.3448" plugin
C:\Windows\System32\svchost.exe -k DEFRAGSVC
"C:\Windows\system32\dfrgui.exe" /analyze \\?\Volume{7e768145-bf09-11de-a1d6-806e6f6e6963}\
C:\Windows\system32\AUDIODG.EXE 0x498
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 12:58:53 ----D---- C:\Windows\Temp
2011-11-19 12:55:00 ----D---- C:\Windows\Internet Logs
2011-11-19 12:43:36 ----D---- C:\Windows\Prefetch
2011-11-19 12:43:29 ----RD---- C:\Program Files
2011-11-19 11:42:14 ----D---- C:\Windows\tracing
2011-11-19 11:01:22 ----D---- C:\Windows\system32\config
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:48:30 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 10:45:21 ----SHD---- C:\Config.Msi
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:59 ----SHD---- C:\Windows\Installer
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:42 ----D---- C:\Windows\inf
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:41:11 ----SHD---- C:\System Volume Information
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 10:40:34 ----D---- C:\Windows\SysWOW64
2011-11-19 10:40:34 ----D---- C:\Windows\System32
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 21:14:25 ----D---- C:\Windows\system32\drivers
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 13:38:25 ----D---- C:\Windows
2011-11-18 13:36:25 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 16:24:06 ----D---- C:\Nexon
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 adgrk2ph;adgrk2ph; C:\Windows\system32\drivers\adgrk2ph.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2010-07-15 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
-----------------EOF-----------------
Asus N55SF-SX384/processor: Intel® Core™ i5-2430M (2.4GHz, 3MB)/graphics: NVIDIA® GeForce® GT 555M DDR3 2GB VRAM/system memory: 8GB (2x4GB) DDR3 1333
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check my log
Good afternoon
Could I see the log from TDSSKiller? C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt

Run HijackThis
(If you cannot find it or do not have it, download it HERE)
Code:
C:\Program Files\trend micro\kubko.exe
- Next, click the Do a system scan only button
- Find and tick the following items:
Code:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
- Click Fix checked and confirm with the Yes button

Open Services
- Press WIN+R (or Start > Run), which opens the Run dialog. Copy and paste the following text into it: services.msc and press Enter
- A window with your PC's services opens. Find the following services, double-click each one, click Stop, and then set Startup type: Disabled
Code:
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Google Updater Service

TFC
- Download and run the program
- Click Start and confirm with OK
- The program starts cleaning, then restarts the PC
- Delete the program after use

PC maintenance:
1) Cleaning temporary folders + invalid registry entries

CCleaner
- Download and install the program
- Run the program
- CLEANER
Windows: leave everything here as it is (if you use IE, untick its items), tick the Start Menu Shortcuts and Desktop Shortcuts items, and untick the "File remnants in memory" (Zbytky souborů v paměti) option
Applications: leave as it is, but if you use a browser (Google Chrome, Firefox, Opera...), untick its items
> Press the Analyze button and then Run Cleaner
- REGISTRY
> Press the Scan for Issues button; the program starts looking for invalid registry entries. Then choose Fix selected issues.
> The program asks whether you want to create a registry backup. Choose Yes and save the backup somewhere (if anything has problems after the registry is repaired, restore the backup by running the saved backup file and confirming with Yes), then choose Fix All Selected Issues and Close
> Repeat until the registry has no issues
- Use the program once every 14 days (it depends on how the PC is used; once a week is also fine)

Defraggler
- Download and install the program
- Run the program
- Select the disk (C:, D:... whichever one you use)
- If the Fragmentation column shows more than 5%, choose Defragment
- Do this for all disks in use
- Do this once a month

FileHippo.com Update Checker
- Download and install the program (during installation, untick the Run at Startup option)
- Run the program
- The program finds the programs installed on the PC and checks for available updates
- A web page then opens, listing the applications offered for updating
> X Updates Detected: these are the available updates
> Click the green arrow and download the program, then install its current version
> X Beta Updates Detected: do not download these updates; they are beta versions that are still in development and are unstable
- Do this once every 14 days or once a month

How the PC is behaving
+ a new RSIT log


Write to me: chodnik74@gmail.com or 
>RSIT<>MBAM<>VirusTotal
I recommend:
Read the procedure several times to be safe, and if anything is unclear or you have doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without an adviser's supervision and recommendation!
Are you satisfied with our help
Do not hesitate and support the forum HERE.
Forum rules: no. 1 and no. 2
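The fix list in the post above, run through a small triage script as an added example (not part of the original post and not code from HijackThis): it splits a flattened run of HijackThis lines back into entries, groups the "(no file)" leftovers by CLSID, and separates autostart entries stored under service-account hives. The function names and the `SAMPLE` subset of the list are choices made for this example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Subset of the fix list from the post above (one entry per line here;
# split_entries() also accepts the same text flattened onto a single line).
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
"""

# Meaning of the HijackThis section codes that occur in this fix list.
SECTIONS = {
    "R1": "Internet Explorer start/search page value",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry from a Run/RunOnce key",
    "O9": "Internet Explorer extra button or Tools menu item",
}

CODE = r"[ORFN]\d{1,2}"  # section code such as R1, O4, O23
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# O4 body: hive, optional SID (HKUS entries), key name, value name, command, optional user.
RUN_RE = re.compile(
    r"^(?P<hive>HK[A-Z]+)(?:\\(?P<sid>S-[\d-]+))?\\\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]+)\] (?P<command>.+?)(?: \(User '(?P<user>[^']+)'\))?$"
)


@dataclass
class Entry:
    code: str
    body: str
    clsid: Optional[str]     # upper-cased CLSID, if the entry references one
    orphaned: bool           # HijackThis printed "(no file)": the target is gone
    autorun: Optional[dict]  # parsed fields for O4 entries, else None


def split_entries(text):
    """Split a flattened run of log lines at every '<code> - ' boundary.

    A value that itself contains ' O4 - ' or similar would be split wrongly;
    that does not occur in the list above.
    """
    flat = " ".join(text.split())
    return re.split(rf"\s+(?={CODE} - )", flat) if flat else []


def parse_entry(line):
    m = re.match(rf"^({CODE}) - (.+)$", line)
    if not m:
        raise ValueError(f"not a HijackThis entry: {line!r}")
    code, body = m.groups()
    clsid = CLSID_RE.search(body)
    run = RUN_RE.match(body) if code == "O4" else None
    return Entry(
        code=code,
        body=body,
        clsid=clsid.group(0).upper() if clsid else None,
        orphaned=body.endswith("(no file)"),
        autorun=run.groupdict() if run else None,
    )


def triage(text):
    """Group orphaned entries by CLSID and list service-account autoruns."""
    entries = [parse_entry(e) for e in split_entries(text)]
    orphans = defaultdict(list)
    for e in entries:
        if e.orphaned and e.clsid:
            orphans[e.clsid].append(e.code)
    return {
        "entries": entries,
        "orphans_by_clsid": dict(orphans),
        "service_account_autoruns": [
            e for e in entries if e.autorun and e.autorun["sid"]
        ],
    }


if __name__ == "__main__":
    result = triage(SAMPLE)
    for clsid, codes in result["orphans_by_clsid"].items():
        print(f"{clsid}: missing file, referenced from {', '.join(codes)}")
    for e in result["service_account_autoruns"]:
        a = e.autorun
        print(f"{a['key']} [{a['name']}] for {a['user']} ({a['sid']}): {a['command']}")
```

Grouping by CLSID shows that one removed add-on usually accounts for several lines, so the entries belonging to the same CLSID are reviewed and fixed together.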
-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check my log
Hello. I skipped those three results after googling. I will post the log within about 2 hours.
21:14:23.0757 4936 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
21:14:24.0460 4936 ============================================================
21:14:24.0460 4936 Current date / time: 2011/11/18 21:14:24.0460
21:14:24.0460 4936 SystemInfo:
21:14:24.0460 4936
21:14:24.0460 4936 OS Version: 6.1.7601 ServicePack: 1.0
21:14:24.0460 4936 Product type: Workstation
21:14:24.0460 4936 ComputerName: KUBKO-PC
21:14:24.0461 4936 UserName: kubko
21:14:24.0461 4936 Windows directory: C:\Windows
21:14:24.0461 4936 System windows directory: C:\Windows
21:14:24.0461 4936 Running under WOW64
21:14:24.0461 4936 Processor architecture: Intel x64
21:14:24.0461 4936 Number of processors: 2
21:14:24.0461 4936 Page size: 0x1000
21:14:24.0461 4936 Boot type: Normal boot
21:14:24.0461 4936 ============================================================
21:14:26.0103 4936 Initialize success
21:14:31.0501 4016 ============================================================
21:14:31.0501 4016 Scan started
21:14:31.0501 4016 Mode: Manual;
21:14:31.0501 4016 ============================================================
21:14:33.0271 4016 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:14:33.0300 4016 1394ohci - ok
21:14:33.0598 4016 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:14:33.0604 4016 ACPI - ok
21:14:33.0743 4016 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:14:33.0750 4016 AcpiPmi - ok
21:14:33.0858 4016 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:14:33.0890 4016 adp94xx - ok
21:14:33.0979 4016 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:14:34.0021 4016 adpahci - ok
21:14:34.0049 4016 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:14:34.0063 4016 adpu320 - ok
21:14:34.0170 4016 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:14:34.0179 4016 AFD - ok
21:14:34.0278 4016 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:14:34.0298 4016 agp440 - ok
21:14:34.0506 4016 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:14:34.0513 4016 aliide - ok
21:14:34.0647 4016 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:14:34.0677 4016 amdide - ok
21:14:34.0718 4016 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:14:34.0728 4016 AmdK8 - ok
21:14:34.0751 4016 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:14:34.0767 4016 AmdPPM - ok
21:14:34.0786 4016 amdsata (8818a2ab90189b7ff60a24c0847f9a6b) C:\Windows\system32\DRIVERS\amdsata.sys
21:14:34.0787 4016 amdsata - ok
21:14:34.0811 4016 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:14:34.0829 4016 amdsbs - ok
21:14:34.0841 4016 amdxata (3c430969f097dee18d13010d678069cd) C:\Windows\system32\DRIVERS\amdxata.sys
21:14:34.0851 4016 amdxata - ok
21:14:34.0897 4016 androidusb (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\androidusb.sys
21:14:34.0904 4016 androidusb - ok
21:14:34.0971 4016 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:14:34.0994 4016 AppID - ok
21:14:35.0238 4016 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:14:35.0255 4016 arc - ok
21:14:35.0538 4016 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:14:35.0583 4016 arcsas - ok
21:14:35.0735 4016 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
21:14:35.0754 4016 AsDsm - ok
21:14:35.0802 4016 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
21:14:35.0817 4016 ASMMAP64 - ok
21:14:35.0946 4016 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:14:35.0973 4016 AsyncMac - ok
21:14:36.0076 4016 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:14:36.0090 4016 atapi - ok
21:14:36.0195 4016 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
21:14:36.0286 4016 athr - ok
21:14:36.0948 4016 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys
21:14:37.0179 4016 atikmdag - ok
21:14:37.0277 4016 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
21:14:37.0288 4016 AtiPcie - ok
21:14:37.0340 4016 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
21:14:37.0353 4016 avgntflt - ok
21:14:37.0468 4016 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
21:14:37.0483 4016 avipbb - ok
21:14:37.0609 4016 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:14:37.0618 4016 avkmgr - ok
21:14:37.0672 4016 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:14:37.0691 4016 b06bdrv - ok
21:14:37.0715 4016 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:14:37.0730 4016 b57nd60a - ok
21:14:37.0775 4016 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\Drivers\beep.sys
21:14:37.0781 4016 Beep - ok
21:14:37.0817 4016 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:14:37.0825 4016 blbdrive - ok
21:14:37.0867 4016 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:14:37.0880 4016 bowser - ok
21:14:37.0943 4016 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:14:37.0949 4016 BrFiltLo - ok
21:14:37.0971 4016 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:14:37.0976 4016 BrFiltUp - ok
21:14:38.0025 4016 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:14:38.0045 4016 Brserid - ok
21:14:38.0066 4016 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:14:38.0074 4016 BrSerWdm - ok
21:14:38.0105 4016 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:14:38.0112 4016 BrUsbMdm - ok
21:14:38.0129 4016 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:14:38.0134 4016 BrUsbSer - ok
21:14:38.0154 4016 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:14:38.0163 4016 BTHMODEM - ok
21:14:38.0199 4016 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:14:38.0211 4016 cdfs - ok
21:14:38.0238 4016 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:14:38.0251 4016 cdrom - ok
21:14:38.0268 4016 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:14:38.0277 4016 circlass - ok
21:14:38.0328 4016 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:14:38.0385 4016 CLFS - ok
21:14:38.0553 4016 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:14:38.0560 4016 CmBatt - ok
21:14:38.0694 4016 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:14:38.0714 4016 cmdide - ok
21:14:38.0865 4016 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:14:38.0938 4016 CNG - ok
21:14:39.0095 4016 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:14:39.0118 4016 Compbatt - ok
21:14:39.0203 4016 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:14:39.0218 4016 CompositeBus - ok
21:14:39.0387 4016 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:14:39.0395 4016 crcdisk - ok
21:14:39.0542 4016 CRFILTER (64beed6775c22b0362fa9ded3f8124a1) C:\Windows\system32\DRIVERS\CRFILTER.sys
21:14:39.0559 4016 CRFILTER - ok
21:14:39.0658 4016 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:14:39.0670 4016 DfsC - ok
21:14:39.0730 4016 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:14:39.0732 4016 discache - ok
21:14:39.0775 4016 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:14:39.0784 4016 Disk - ok
21:14:39.0903 4016 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:14:39.0919 4016 drmkaud - ok
21:14:40.0005 4016 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:14:40.0055 4016 DXGKrnl - ok
21:14:40.0126 4016 EagleX64 - ok
21:14:40.0148 4016 eamonm - ok
21:14:40.0482 4016 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:14:40.0607 4016 ebdrv - ok
21:14:40.0769 4016 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:14:40.0790 4016 elxstor - ok
21:14:41.0016 4016 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
21:14:41.0157 4016 epmntdrv - ok
21:14:41.0281 4016 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:14:41.0301 4016 ErrDev - ok
21:14:41.0461 4016 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys
21:14:41.0481 4016 ETD - ok
21:14:41.0550 4016 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
21:14:41.0558 4016 EuGdiDrv - ok
21:14:41.0600 4016 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:14:41.0613 4016 exfat - ok
21:14:41.0640 4016 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:14:41.0653 4016 fastfat - ok
21:14:41.0679 4016 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:14:41.0686 4016 fdc - ok
21:14:41.0709 4016 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:14:41.0758 4016 FileInfo - ok
21:14:41.0866 4016 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:14:41.0891 4016 Filetrace - ok
21:14:42.0007 4016 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:14:42.0033 4016 flpydisk - ok
21:14:42.0128 4016 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:14:42.0146 4016 FltMgr - ok
21:14:42.0219 4016 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:14:42.0236 4016 FsDepends - ok
21:14:42.0275 4016 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
21:14:42.0289 4016 fssfltr - ok
21:14:42.0326 4016 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:14:42.0335 4016 Fs_Rec - ok
21:14:42.0371 4016 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:14:42.0375 4016 fvevol - ok
21:14:42.0403 4016 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:14:42.0413 4016 gagp30kx - ok
21:14:42.0460 4016 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:14:42.0469 4016 GEARAspiWDM - ok
21:14:42.0629 4016 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
21:14:42.0638 4016 hamachi - ok
21:14:42.0674 4016 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:14:42.0682 4016 hcw85cir - ok
21:14:42.0751 4016 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:14:42.0775 4016 HdAudAddService - ok
21:14:42.0822 4016 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:14:42.0837 4016 HDAudBus - ok
21:14:42.0871 4016 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:14:42.0878 4016 HidBatt - ok
21:14:42.0917 4016 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:14:42.0926 4016 HidBth - ok
21:14:42.0948 4016 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:14:42.0956 4016 HidIr - ok
21:14:42.0987 4016 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:14:43.0005 4016 HidUsb - ok
21:14:43.0077 4016 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:14:43.0100 4016 HpSAMD - ok
21:14:43.0162 4016 HTCAND64 (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\ANDROIDUSB.sys
21:14:43.0163 4016 HTCAND64 - ok
21:14:43.0330 4016 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:14:43.0385 4016 HTTP - ok
21:14:43.0426 4016 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:14:43.0428 4016 hwpolicy - ok
21:14:43.0539 4016 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:14:43.0563 4016 i8042prt - ok
21:14:43.0639 4016 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:14:43.0661 4016 iaStorV - ok
21:14:43.0713 4016 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:14:43.0724 4016 iirsp - ok
21:14:43.0770 4016 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:14:43.0778 4016 intelide - ok
21:14:43.0798 4016 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:14:43.0808 4016 intelppm - ok
21:14:43.0849 4016 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:14:43.0863 4016 IpFilterDriver - ok
21:14:43.0888 4016 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:14:43.0899 4016 IPMIDRV - ok
21:14:43.0926 4016 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:14:43.0937 4016 IPNAT - ok
21:14:43.0970 4016 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:14:43.0976 4016 IRENUM - ok
21:14:43.0993 4016 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:14:44.0001 4016 isapnp - ok
21:14:44.0028 4016 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:14:44.0047 4016 iScsiPrt - ok
21:14:44.0068 4016 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:14:44.0078 4016 kbdclass - ok
21:14:44.0104 4016 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:14:44.0112 4016 kbdhid - ok
21:14:44.0137 4016 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
21:14:44.0143 4016 kbfiltr - ok
21:14:44.0194 4016 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:14:44.0205 4016 KSecDD - ok
21:14:44.0250 4016 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:14:44.0274 4016 KSecPkg - ok
21:14:44.0306 4016 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:14:44.0315 4016 ksthunk - ok
21:14:44.0363 4016 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:14:44.0372 4016 lltdio - ok
21:14:44.0406 4016 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:14:44.0423 4016 LSI_FC - ok
21:14:44.0454 4016 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:14:44.0464 4016 LSI_SAS - ok
21:14:44.0485 4016 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:14:44.0494 4016 LSI_SAS2 - ok
21:14:44.0518 4016 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:14:44.0529 4016 LSI_SCSI - ok
21:14:44.0552 4016 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:14:44.0554 4016 luafv - ok
21:14:44.0583 4016 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
21:14:44.0594 4016 lullaby - ok
21:14:44.0652 4016 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
21:14:44.0654 4016 MBAMProtector - ok
21:14:44.0728 4016 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:14:44.0747 4016 megasas - ok
21:14:44.0829 4016 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:14:44.0848 4016 MegaSR - ok
21:14:44.0943 4016 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:14:44.0951 4016 Modem - ok
21:14:44.0990 4016 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:14:44.0991 4016 monitor - ok
21:14:45.0027 4016 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:14:45.0037 4016 mouclass - ok
21:14:45.0054 4016 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:14:45.0062 4016 mouhid - ok
21:14:45.0093 4016 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:14:45.0095 4016 mountmgr - ok
21:14:45.0135 4016 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:14:45.0150 4016 mpio - ok
21:14:45.0175 4016 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:14:45.0185 4016 mpsdrv - ok
21:14:45.0253 4016 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:14:45.0265 4016 MRxDAV - ok
21:14:45.0304 4016 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:14:45.0317 4016 mrxsmb - ok
21:14:45.0361 4016 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:14:45.0382 4016 mrxsmb10 - ok
21:14:45.0411 4016 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:14:45.0421 4016 mrxsmb20 - ok
21:14:45.0438 4016 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:14:45.0449 4016 msahci - ok
21:14:45.0485 4016 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:14:45.0500 4016 msdsm - ok
21:14:45.0540 4016 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:14:45.0551 4016 Msfs - ok
21:14:45.0573 4016 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:14:45.0578 4016 mshidkmdf - ok
21:14:45.0602 4016 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:14:45.0613 4016 msisadrv - ok
21:14:45.0647 4016 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:14:45.0652 4016 MSKSSRV - ok
21:14:45.0673 4016 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:14:45.0680 4016 MSPCLOCK - ok
21:14:45.0704 4016 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:14:45.0710 4016 MSPQM - ok
21:14:45.0741 4016 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:14:45.0758 4016 MsRPC - ok
21:14:45.0805 4016 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:14:45.0806 4016 mssmbios - ok
21:14:45.0824 4016 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:14:45.0830 4016 MSTEE - ok
21:14:45.0855 4016 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:14:45.0862 4016 MTConfig - ok
21:14:45.0894 4016 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
21:14:45.0901 4016 MTsensor - ok
21:14:45.0975 4016 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:14:45.0986 4016 Mup - ok
21:14:46.0033 4016 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:14:46.0040 4016 NativeWifiP - ok
21:14:46.0099 4016 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:14:46.0127 4016 NDIS - ok
21:14:46.0147 4016 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:14:46.0156 4016 NdisCap - ok
21:14:46.0179 4016 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:14:46.0204 4016 NdisTapi - ok
21:14:46.0236 4016 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:14:46.0247 4016 Ndisuio - ok
21:14:46.0292 4016 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:14:46.0324 4016 NdisWan - ok
21:14:46.0356 4016 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:14:46.0365 4016 NDProxy - ok
21:14:46.0398 4016 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:14:46.0406 4016 NetBIOS - ok
21:14:46.0451 4016 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:14:46.0455 4016 NetBT - ok
21:14:46.0506 4016 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:14:46.0516 4016 nfrd960 - ok
21:14:46.0541 4016 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:14:46.0549 4016 Npfs - ok
21:14:46.0575 4016 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:14:46.0576 4016 nsiproxy - ok
21:14:46.0648 4016 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:14:46.0738 4016 Ntfs - ok
21:14:46.0799 4016 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:14:46.0804 4016 Null - ok
21:14:46.0841 4016 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:14:46.0853 4016 nvraid - ok
21:14:46.0883 4016 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:14:46.0896 4016 nvstor - ok
21:14:46.0934 4016 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:14:46.0947 4016 nv_agp - ok
21:14:46.0990 4016 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:14:47.0001 4016 ohci1394 - ok
21:14:47.0054 4016 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:14:47.0064 4016 Parport - ok
21:14:47.0090 4016 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:14:47.0101 4016 partmgr - ok
21:14:47.0126 4016 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:14:47.0149 4016 pci - ok
21:14:47.0164 4016 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:14:47.0177 4016 pciide - ok
21:14:47.0224 4016 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:14:47.0241 4016 pcmcia - ok
21:14:47.0254 4016 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:14:47.0267 4016 pcw - ok
21:14:47.0299 4016 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:14:47.0330 4016 PEAUTH - ok
21:14:47.0416 4016 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:14:47.0431 4016 PptpMiniport - ok
21:14:47.0473 4016 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:14:47.0484 4016 Processor - ok
21:14:47.0520 4016 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:14:47.0522 4016 Psched - ok
21:14:47.0569 4016 pwdrvio (3d895d9e93d39e113184a3b0fd49ac77) C:\Windows\system32\pwdrvio.sys
21:14:47.0778 4016 pwdrvio - ok
21:14:47.0880 4016 pwdspio (2f7f3d3bdb65cafce52f3e1d52cab937) C:\Windows\system32\pwdspio.sys
21:14:47.0891 4016 pwdspio - ok
21:14:47.0968 4016 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:14:48.0030 4016 ql2300 - ok
21:14:48.0054 4016 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:14:48.0068 4016 ql40xx - ok
21:14:48.0092 4016 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:14:48.0100 4016 QWAVEdrv - ok
21:14:48.0123 4016 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:14:48.0130 4016 RasAcd - ok
21:14:48.0170 4016 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:14:48.0179 4016 RasAgileVpn - ok
21:14:48.0214 4016 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:14:48.0226 4016 Rasl2tp - ok
21:14:48.0251 4016 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:14:48.0262 4016 RasPppoe - ok
21:14:48.0287 4016 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:14:48.0298 4016 RasSstp - ok
21:14:48.0345 4016 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:14:48.0364 4016 rdbss - ok
21:14:48.0383 4016 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:14:48.0391 4016 rdpbus - ok
21:14:48.0419 4016 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:14:48.0420 4016 RDPCDD - ok
21:14:48.0440 4016 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:14:48.0441 4016 RDPENCDD - ok
21:14:48.0459 4016 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:14:48.0461 4016 RDPREFMP - ok
21:14:48.0495 4016 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:14:48.0508 4016 RDPWD - ok
21:14:48.0549 4016 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:14:48.0565 4016 rdyboost - ok
21:14:48.0634 4016 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:14:48.0644 4016 rspndr - ok
21:14:48.0683 4016 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:14:48.0700 4016 RTL8167 - ok
21:14:48.0738 4016 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:14:48.0751 4016 sbp2port - ok
21:14:48.0787 4016 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:14:48.0796 4016 scfilter - ok
21:14:48.0844 4016 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:14:48.0850 4016 secdrv - ok
21:14:48.0890 4016 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:14:48.0899 4016 Serenum - ok
21:14:48.0930 4016 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:14:48.0942 4016 Serial - ok
21:14:48.0979 4016 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:14:48.0986 4016 sermouse - ok
21:14:49.0037 4016 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:14:49.0043 4016 sffdisk - ok
21:14:49.0063 4016 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:14:49.0071 4016 sffp_mmc - ok
21:14:49.0087 4016 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:14:49.0094 4016 sffp_sd - ok
21:14:49.0124 4016 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:14:49.0130 4016 sfloppy - ok
21:14:49.0171 4016 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
21:14:49.0182 4016 SiSGbeLH - ok
21:14:49.0207 4016 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:14:49.0217 4016 SiSRaid2 - ok
21:14:49.0238 4016 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:14:49.0248 4016 SiSRaid4 - ok
21:14:49.0274 4016 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:14:49.0285 4016 Smb - ok
21:14:49.0345 4016 snapman (d33f37dd403741982dbe99c7b6b6ff63) C:\Windows\system32\DRIVERS\snapman.sys
21:14:49.0364 4016 snapman - ok
21:14:49.0421 4016 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
21:14:49.0491 4016 SNP2UVC - ok
21:14:49.0531 4016 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:14:49.0540 4016 spldr - ok
21:14:49.0595 4016 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
21:14:49.0595 4016 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
21:14:49.0598 4016 sptd ( LockedFile.Multi.Generic ) - warning
21:14:49.0598 4016 sptd - detected LockedFile.Multi.Generic (1)
21:14:49.0652 4016 SRS_PremiumSound_Service (ac51533c7eeb05aa02b294a60e946238) C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys
21:14:49.0673 4016 SRS_PremiumSound_Service - ok
21:14:49.0722 4016 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:14:49.0743 4016 srv - ok
21:14:49.0783 4016 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:14:49.0823 4016 srv2 - ok
21:14:49.0838 4016 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:14:49.0852 4016 srvnet - ok
21:14:49.0909 4016 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:14:49.0918 4016 stexstor - ok
21:14:49.0959 4016 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:14:49.0967 4016 swenum - ok
21:14:50.0056 4016 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:14:50.0104 4016 Tcpip - ok
21:14:50.0167 4016 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:14:50.0204 4016 TCPIP6 - ok
21:14:50.0242 4016 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:14:50.0251 4016 tcpipreg - ok
21:14:50.0291 4016 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:14:50.0298 4016 TDPIPE - ok
21:14:50.0356 4016 tdrpman (ac1fc18d04b92bac16cbd85de2a08a0b) C:\Windows\system32\DRIVERS\tdrpman.sys
21:14:50.0393 4016 tdrpman - ok
21:14:50.0407 4016 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:14:50.0416 4016 TDTCP - ok
21:14:50.0457 4016 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:14:50.0468 4016 tdx - ok
21:14:50.0503 4016 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:14:50.0514 4016 TermDD - ok
21:14:50.0563 4016 tifsfilter (3e24b7fe52bc455da8d6e2cc2b4ca23f) C:\Windows\system32\DRIVERS\tifsfilt.sys
21:14:50.0574 4016 tifsfilter - ok
21:14:50.0620 4016 timounter (ec4fd4d147985a97e881729e808e6f34) C:\Windows\system32\DRIVERS\timntr.sys
21:14:50.0671 4016 timounter - ok
21:14:50.0731 4016 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:14:50.0739 4016 tssecsrv - ok
21:14:50.0797 4016 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:14:50.0808 4016 TsUsbFlt - ok
21:14:50.0906 4016 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
21:14:50.0908 4016 TuneUpUtilitiesDrv - ok
21:14:50.0994 4016 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:14:51.0008 4016 tunnel - ok
21:14:51.0056 4016 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:14:51.0067 4016 uagp35 - ok
21:14:51.0120 4016 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:14:51.0148 4016 udfs - ok
21:14:51.0196 4016 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:14:51.0210 4016 uliagpkx - ok
21:14:51.0247 4016 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:14:51.0260 4016 umbus - ok
21:14:51.0304 4016 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:14:51.0310 4016 UmPass - ok
21:14:51.0345 4016 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:14:51.0356 4016 usbccgp - ok
21:14:51.0385 4016 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:14:51.0483 4016 usbcir - ok
21:14:51.0525 4016 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:14:51.0535 4016 usbehci - ok
21:14:51.0568 4016 usbfilter (d524f3716d85b744762ff5eaaef8f3a2) C:\Windows\system32\DRIVERS\usbfilter.sys
21:14:51.0578 4016 usbfilter - ok
21:14:51.0617 4016 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:14:51.0637 4016 usbhub - ok
21:14:51.0675 4016 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
21:14:51.0682 4016 usbohci - ok
21:14:51.0724 4016 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:14:51.0731 4016 usbprint - ok
21:14:51.0762 4016 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:14:51.0772 4016 USBSTOR - ok
21:14:51.0794 4016 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
21:14:51.0802 4016 usbuhci - ok
21:14:51.0849 4016 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
21:14:51.0863 4016 usbvideo - ok
21:14:51.0918 4016 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:14:51.0927 4016 vdrvroot - ok
21:14:51.0965 4016 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:14:51.0972 4016 vga - ok
21:14:52.0005 4016 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:14:52.0012 4016 VgaSave - ok
21:14:52.0059 4016 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:14:52.0078 4016 vhdmp - ok
21:14:52.0132 4016 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
21:14:52.0172 4016 VIAHdAudAddService - ok
21:14:52.0222 4016 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:14:52.0230 4016 viaide - ok
21:14:52.0272 4016 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:14:52.0282 4016 volmgr - ok
21:14:52.0322 4016 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:14:52.0345 4016 volmgrx - ok
21:14:52.0385 4016 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:14:52.0403 4016 volsnap - ok
21:14:52.0489 4016 Vsdatant (48bfa6276bcc0535f5f8898107ed489a) C:\Windows\system32\DRIVERS\vsdatant.sys
21:14:52.0499 4016 Vsdatant - ok
21:14:52.0577 4016 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:14:52.0589 4016 vsmraid - ok
21:14:52.0632 4016 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:14:52.0640 4016 vwifibus - ok
21:14:52.0681 4016 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:14:52.0690 4016 vwififlt - ok
21:14:52.0730 4016 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
21:14:52.0736 4016 vwifimp - ok
21:14:52.0786 4016 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:14:52.0794 4016 WacomPen - ok
21:14:52.0826 4016 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:14:52.0839 4016 WANARP - ok
21:14:52.0845 4016 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:14:52.0847 4016 Wanarpv6 - ok
21:14:52.0898 4016 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:14:52.0907 4016 Wd - ok
21:14:52.0950 4016 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:14:52.0984 4016 Wdf01000 - ok
21:14:53.0041 4016 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:14:53.0047 4016 WfpLwf - ok
21:14:53.0099 4016 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
21:14:53.0112 4016 WimFltr - ok
21:14:53.0133 4016 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:14:53.0144 4016 WIMMount - ok
21:14:53.0208 4016 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:14:53.0221 4016 WinUsb - ok
21:14:53.0306 4016 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:14:53.0312 4016 WmiAcpi - ok
21:14:53.0369 4016 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:14:53.0376 4016 ws2ifsl - ok
21:14:53.0426 4016 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:14:53.0437 4016 WudfPf - ok
21:14:53.0458 4016 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:14:53.0475 4016 WUDFRd - ok
21:14:53.0521 4016 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:14:53.0540 4016 \Device\Harddisk0\DR0 - ok
21:14:53.0550 4016 Boot (0x1200) (6e134c1b5ed39e6d84c107648a77ef13) \Device\Harddisk0\DR0\Partition0
21:14:53.0552 4016 \Device\Harddisk0\DR0\Partition0 - ok
21:14:53.0570 4016 Boot (0x1200) (b06ddc6a5ce931eeded21392ef2dc853) \Device\Harddisk0\DR0\Partition1
21:14:53.0573 4016 \Device\Harddisk0\DR0\Partition1 - ok
21:14:53.0573 4016 ============================================================
21:14:53.0574 4016 Scan finished
21:14:53.0574 4016 ============================================================
21:14:53.0595 3204 Detected object count: 1
21:14:53.0595 3204 Actual detected object count: 1
21:18:31.0563 3204 C:\Windows\System32\Drivers\sptd.sys - copied to quarantine
21:18:31.0566 3204 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
21:18:39.0587 3736 ============================================================
21:18:39.0587 3736 Scan started
21:18:39.0587 3736 Mode: Manual; SigCheck; TDLFS;
21:18:39.0587 3736 ============================================================
21:18:40.0291 3736 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:18:40.0459 3736 1394ohci - ok
21:18:40.0541 3736 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:18:40.0565 3736 ACPI - ok
21:18:40.0664 3736 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:18:40.0765 3736 AcpiPmi - ok
21:18:40.0864 3736 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:18:40.0889 3736 adp94xx - ok
21:18:40.0920 3736 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:18:40.0941 3736 adpahci - ok
21:18:40.0969 3736 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:18:40.0987 3736 adpu320 - ok
21:18:41.0055 3736 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:18:41.0112 3736 AFD - ok
21:18:41.0198 3736 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:18:41.0213 3736 agp440 - ok
21:18:41.0272 3736 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:18:41.0286 3736 aliide - ok
21:18:41.0314 3736 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:18:41.0329 3736 amdide - ok
21:18:41.0363 3736 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:18:41.0411 3736 AmdK8 - ok
21:18:41.0440 3736 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:18:41.0481 3736 AmdPPM - ok
21:18:41.0508 3736 amdsata (8818a2ab90189b7ff60a24c0847f9a6b) C:\Windows\system32\DRIVERS\amdsata.sys
21:18:41.0604 3736 amdsata - ok
21:18:41.0688 3736 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:18:41.0705 3736 amdsbs - ok
21:18:41.0741 3736 amdxata (3c430969f097dee18d13010d678069cd) C:\Windows\system32\DRIVERS\amdxata.sys
21:18:41.0754 3736 amdxata - ok
21:18:41.0795 3736 androidusb (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\androidusb.sys
21:18:41.0834 3736 androidusb - ok
21:18:41.0880 3736 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:18:42.0054 3736 AppID - ok
21:18:42.0146 3736 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:18:42.0163 3736 arc - ok
21:18:42.0205 3736 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:18:42.0221 3736 arcsas - ok
21:18:42.0259 3736 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
21:18:42.0277 3736 AsDsm - ok
21:18:42.0326 3736 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
21:18:42.0341 3736 ASMMAP64 - ok
21:18:42.0415 3736 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:18:42.0488 3736 AsyncMac - ok
21:18:42.0523 3736 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:18:42.0537 3736 atapi - ok
21:18:42.0637 3736 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
21:18:42.0733 3736 athr - ok
21:18:42.0941 3736 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys
21:18:43.0079 3736 atikmdag - ok
21:18:43.0119 3736 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
21:18:43.0131 3736 AtiPcie - ok
21:18:43.0179 3736 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
21:18:43.0194 3736 avgntflt - ok
21:18:43.0232 3736 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
21:18:43.0247 3736 avipbb - ok
21:18:43.0286 3736 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:18:43.0299 3736 avkmgr - ok
21:18:43.0382 3736 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:18:43.0424 3736 b06bdrv - ok
21:18:43.0458 3736 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:18:43.0499 3736 b57nd60a - ok
21:18:43.0528 3736 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\Drivers\beep.sys
21:18:43.0603 3736 Beep - ok
21:18:43.0637 3736 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:18:43.0662 3736 blbdrive - ok
21:18:43.0698 3736 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:18:43.0757 3736 bowser - ok
21:18:43.0840 3736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:18:43.0923 3736 BrFiltLo - ok
21:18:44.0022 3736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:18:44.0059 3736 BrFiltUp - ok
21:18:44.0108 3736 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:18:44.0149 3736 Brserid - ok
21:18:44.0182 3736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:18:44.0229 3736 BrSerWdm - ok
21:18:44.0265 3736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:18:44.0292 3736 BrUsbMdm - ok
21:18:44.0333 3736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:18:44.0359 3736 BrUsbSer - ok
21:18:44.0403 3736 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:18:44.0439 3736 BTHMODEM - ok
21:18:44.0480 3736 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:18:44.0545 3736 cdfs - ok
21:18:44.0597 3736 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:18:44.0636 3736 cdrom - ok
21:18:44.0722 3736 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:18:44.0784 3736 circlass - ok
21:18:44.0896 3736 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:18:44.0918 3736 CLFS - ok
21:18:44.0989 3736 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:18:45.0016 3736 CmBatt - ok
21:18:45.0053 3736 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:18:45.0071 3736 cmdide - ok
21:18:45.0104 3736 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:18:45.0144 3736 CNG - ok
21:18:45.0185 3736 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:18:45.0205 3736 Compbatt - ok
21:18:45.0232 3736 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:18:45.0278 3736 CompositeBus - ok
21:18:45.0306 3736 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:18:45.0320 3736 crcdisk - ok
21:18:45.0351 3736 CRFILTER (64beed6775c22b0362fa9ded3f8124a1) C:\Windows\system32\DRIVERS\CRFILTER.sys
21:18:45.0424 3736 CRFILTER - ok
21:18:45.0522 3736 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:18:45.0594 3736 DfsC - ok
21:18:45.0638 3736 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:18:45.0701 3736 discache - ok
21:18:45.0804 3736 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:18:45.0828 3736 Disk - ok
21:18:45.0865 3736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:18:45.0901 3736 drmkaud - ok
21:18:45.0964 3736 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:18:45.0995 3736 DXGKrnl - ok
21:18:46.0007 3736 EagleX64 - ok
21:18:46.0022 3736 eamonm - ok
21:18:46.0142 3736 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:18:46.0222 3736 ebdrv - ok
21:18:46.0286 3736 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:18:46.0317 3736 elxstor - ok
21:18:46.0340 3736 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
21:18:46.0378 3736 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
21:18:46.0378 3736 epmntdrv - detected UnsignedFile.Multi.Generic (1)
21:18:46.0418 3736 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:18:46.0461 3736 ErrDev - ok
21:18:46.0500 3736 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys
21:18:46.0540 3736 ETD - ok
21:18:46.0632 3736 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
21:18:46.0662 3736 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
21:18:46.0662 3736 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
21:18:46.0715 3736 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:18:46.0788 3736 exfat - ok
21:18:46.0868 3736 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:18:46.0921 3736 fastfat - ok
21:18:46.0959 3736 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:18:46.0983 3736 fdc - ok
21:18:47.0019 3736 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:18:47.0035 3736 FileInfo - ok
21:18:47.0069 3736 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:18:47.0129 3736 Filetrace - ok
21:18:47.0166 3736 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:18:47.0192 3736 flpydisk - ok
21:18:47.0242 3736 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:18:47.0265 3736 FltMgr - ok
21:18:47.0302 3736 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:18:47.0317 3736 FsDepends - ok
21:18:47.0357 3736 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
21:18:47.0372 3736 fssfltr - ok
21:18:47.0398 3736 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:18:47.0412 3736 Fs_Rec - ok
21:18:47.0453 3736 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:18:47.0477 3736 fvevol - ok
21:18:47.0507 3736 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:18:47.0522 3736 gagp30kx - ok
21:18:47.0565 3736 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:18:47.0585 3736 GEARAspiWDM - ok
21:18:47.0712 3736 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
21:18:47.0728 3736 hamachi - ok
21:18:47.0767 3736 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:18:47.0811 3736 hcw85cir - ok
21:18:47.0919 3736 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:18:47.0960 3736 HdAudAddService - ok
21:18:48.0059 3736 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:18:48.0097 3736 HDAudBus - ok
21:18:48.0185 3736 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:18:48.0213 3736 HidBatt - ok
21:18:48.0307 3736 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:18:48.0341 3736 HidBth - ok
21:18:48.0427 3736 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:18:48.0475 3736 HidIr - ok
21:18:48.0587 3736 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:18:48.0607 3736 HidUsb - ok
21:18:48.0654 3736 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:18:48.0670 3736 HpSAMD - ok
21:18:48.0729 3736 HTCAND64 (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\ANDROIDUSB.sys
21:18:48.0753 3736 HTCAND64 - ok
21:18:48.0808 3736 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:18:48.0899 3736 HTTP - ok
21:18:49.0026 3736 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:18:49.0047 3736 hwpolicy - ok
21:18:49.0095 3736 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:18:49.0119 3736 i8042prt - ok
21:18:49.0171 3736 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:18:49.0195 3736 iaStorV - ok
21:18:49.0247 3736 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:18:49.0262 3736 iirsp - ok
21:18:49.0303 3736 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:18:49.0319 3736 intelide - ok
21:18:49.0342 3736 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:18:49.0375 3736 intelppm - ok
21:18:49.0415 3736 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:18:49.0475 3736 IpFilterDriver - ok
21:18:49.0510 3736 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:18:49.0537 3736 IPMIDRV - ok
21:18:49.0581 3736 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:18:49.0629 3736 IPNAT - ok
21:18:49.0668 3736 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:18:49.0707 3736 IRENUM - ok
21:18:49.0758 3736 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:18:49.0776 3736 isapnp - ok
21:18:49.0804 3736 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:18:49.0823 3736 iScsiPrt - ok
21:18:49.0855 3736 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:18:49.0870 3736 kbdclass - ok
21:18:49.0923 3736 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:18:49.0960 3736 kbdhid - ok
21:18:49.0986 3736 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
21:18:50.0000 3736 kbfiltr - ok
21:18:50.0035 3736 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:18:50.0051 3736 KSecDD - ok
21:18:50.0085 3736 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:18:58.0294 3736 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
21:18:58.0294 3736 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
21:18:58.0297 3736 sptd ( LockedFile.Multi.Generic ) - warning
21:18:58.0297 3736 sptd - detected LockedFile.Multi.Generic (1)
21:19:03.0842 3736 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:19:04.0082 3736 \Device\Harddisk0\DR0 - ok
21:19:04.0093 3736 Boot (0x1200) (6e134c1b5ed39e6d84c107648a77ef13) \Device\Harddisk0\DR0\Partition0
21:19:04.0096 3736 \Device\Harddisk0\DR0\Partition0 - ok
21:19:04.0103 3736 Boot (0x1200) (b06ddc6a5ce931eeded21392ef2dc853) \Device\Harddisk0\DR0\Partition1
21:19:04.0104 3736 \Device\Harddisk0\DR0\Partition1 - ok
21:19:04.0107 3736 ============================================================
21:19:04.0107 3736 Scan finished
21:19:04.0107 3736 ============================================================
21:19:04.0124 5032 Detected object count: 3
21:19:04.0124 5032 Actual detected object count: 3
21:21:34.0261 5032 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:34.0261 5032 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:34.0262 5032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:34.0262 5032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:34.0265 5032 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:21:34.0265 5032 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:22:55.0579 3360 Deinitialize success

21:14:23.0757 4936 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
21:14:24.0460 4936 ============================================================
21:14:24.0460 4936 Current date / time: 2011/11/18 21:14:24.0460
21:14:24.0460 4936 SystemInfo:
21:14:24.0460 4936
21:14:24.0460 4936 OS Version: 6.1.7601 ServicePack: 1.0
21:14:24.0460 4936 Product type: Workstation
21:14:24.0460 4936 ComputerName: KUBKO-PC
21:14:24.0461 4936 UserName: kubko
21:14:24.0461 4936 Windows directory: C:\Windows
21:14:24.0461 4936 System windows directory: C:\Windows
21:14:24.0461 4936 Running under WOW64
21:14:24.0461 4936 Processor architecture: Intel x64
21:14:24.0461 4936 Number of processors: 2
21:14:24.0461 4936 Page size: 0x1000
21:14:24.0461 4936 Boot type: Normal boot
21:14:24.0461 4936 ============================================================
21:14:26.0103 4936 Initialize success
21:14:31.0501 4016 ============================================================
21:14:31.0501 4016 Scan started
21:14:31.0501 4016 Mode: Manual;
21:14:31.0501 4016 ============================================================
21:14:43.0428 4016 hwpolicy - ok
21:14:43.0539 4016 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:14:43.0563 4016 i8042prt - ok
21:14:43.0639 4016 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:14:43.0661 4016 iaStorV - ok
21:14:43.0713 4016 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:14:43.0724 4016 iirsp - ok
21:14:43.0770 4016 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:14:43.0778 4016 intelide - ok
21:14:43.0798 4016 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:14:43.0808 4016 intelppm - ok
21:14:43.0849 4016 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:14:43.0863 4016 IpFilterDriver - ok
21:14:43.0888 4016 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:14:43.0899 4016 IPMIDRV - ok
21:14:43.0926 4016 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:14:43.0937 4016 IPNAT - ok
21:14:43.0970 4016 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:14:43.0976 4016 IRENUM - ok
21:14:43.0993 4016 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:14:44.0001 4016 isapnp - ok
21:14:44.0028 4016 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:14:44.0047 4016 iScsiPrt - ok
21:14:44.0068 4016 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:14:44.0078 4016 kbdclass - ok
21:14:44.0104 4016 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:14:44.0112 4016 kbdhid - ok
21:14:44.0137 4016 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
21:14:44.0143 4016 kbfiltr - ok
21:14:44.0194 4016 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:14:44.0205 4016 KSecDD - ok
21:14:44.0250 4016 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:14:44.0274 4016 KSecPkg - ok
21:14:44.0306 4016 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:14:44.0315 4016 ksthunk - ok
21:14:44.0363 4016 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:14:44.0372 4016 lltdio - ok
21:14:44.0406 4016 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:14:44.0423 4016 LSI_FC - ok
21:14:44.0454 4016 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:14:44.0464 4016 LSI_SAS - ok
21:14:44.0485 4016 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:14:44.0494 4016 LSI_SAS2 - ok
21:14:44.0518 4016 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:14:44.0529 4016 LSI_SCSI - ok
21:14:44.0552 4016 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:14:44.0554 4016 luafv - ok
21:14:44.0583 4016 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
21:14:44.0594 4016 lullaby - ok
21:14:44.0652 4016 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
21:14:44.0654 4016 MBAMProtector - ok
21:14:44.0728 4016 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:14:44.0747 4016 megasas - ok
21:14:44.0829 4016 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:14:44.0848 4016 MegaSR - ok
21:14:44.0943 4016 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:14:44.0951 4016 Modem - ok
21:14:44.0990 4016 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:14:44.0991 4016 monitor - ok
21:14:45.0027 4016 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:14:45.0037 4016 mouclass - ok
21:14:45.0054 4016 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:14:45.0062 4016 mouhid - ok
21:14:45.0093 4016 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:14:45.0095 4016 mountmgr - ok
21:14:45.0135 4016 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:14:45.0150 4016 mpio - ok
21:14:45.0175 4016 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:14:45.0185 4016 mpsdrv - ok
21:14:45.0253 4016 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:14:45.0265 4016 MRxDAV - ok
21:14:45.0304 4016 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:14:45.0317 4016 mrxsmb - ok
21:14:45.0361 4016 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:14:45.0382 4016 mrxsmb10 - ok
21:14:45.0411 4016 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:14:45.0421 4016 mrxsmb20 - ok
21:14:45.0438 4016 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:14:45.0449 4016 msahci - ok
21:14:45.0485 4016 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:14:45.0500 4016 msdsm - ok
21:14:45.0540 4016 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:14:45.0551 4016 Msfs - ok
21:14:45.0573 4016 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:14:45.0578 4016 mshidkmdf - ok
21:14:45.0602 4016 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:14:45.0613 4016 msisadrv - ok
21:14:45.0647 4016 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:14:45.0652 4016 MSKSSRV - ok
21:14:45.0673 4016 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:14:45.0680 4016 MSPCLOCK - ok
21:14:45.0704 4016 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:14:45.0710 4016 MSPQM - ok
21:14:45.0741 4016 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:14:45.0758 4016 MsRPC - ok
21:14:45.0805 4016 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:14:45.0806 4016 mssmbios - ok
21:14:45.0824 4016 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:14:45.0830 4016 MSTEE - ok
21:14:45.0855 4016 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:14:45.0862 4016 MTConfig - ok
21:14:45.0894 4016 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
21:14:45.0901 4016 MTsensor - ok
21:14:45.0975 4016 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:14:45.0986 4016 Mup - ok
21:14:46.0033 4016 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:14:46.0040 4016 NativeWifiP - ok
21:14:46.0099 4016 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:14:46.0127 4016 NDIS - ok
21:14:46.0147 4016 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:14:46.0156 4016 NdisCap - ok
21:14:46.0179 4016 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:14:46.0204 4016 NdisTapi - ok
21:14:46.0236 4016 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:14:46.0247 4016 Ndisuio - ok
21:14:46.0292 4016 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:14:46.0324 4016 NdisWan - ok
21:14:46.0356 4016 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:14:46.0365 4016 NDProxy - ok
21:14:46.0398 4016 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:14:46.0406 4016 NetBIOS - ok
21:14:46.0451 4016 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:14:46.0455 4016 NetBT - ok
21:14:46.0506 4016 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:14:46.0516 4016 nfrd960 - ok
21:14:46.0541 4016 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:14:46.0549 4016 Npfs - ok
21:14:46.0575 4016 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:14:46.0576 4016 nsiproxy - ok
21:14:46.0648 4016 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:14:46.0738 4016 Ntfs - ok
21:14:46.0799 4016 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:14:46.0804 4016 Null - ok
21:14:46.0841 4016 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:14:46.0853 4016 nvraid - ok
21:14:46.0883 4016 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:14:46.0896 4016 nvstor - ok
21:14:46.0934 4016 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:14:46.0947 4016 nv_agp - ok
21:14:46.0990 4016 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:14:47.0001 4016 ohci1394 - ok
21:14:47.0054 4016 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:14:47.0064 4016 Parport - ok
21:14:47.0090 4016 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:14:47.0101 4016 partmgr - ok
21:14:47.0126 4016 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:14:47.0149 4016 pci - ok
21:14:47.0164 4016 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:14:47.0177 4016 pciide - ok
21:14:47.0224 4016 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:14:47.0241 4016 pcmcia - ok
21:14:47.0254 4016 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:14:47.0267 4016 pcw - ok
21:14:47.0299 4016 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:14:47.0330 4016 PEAUTH - ok
21:14:47.0416 4016 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:14:47.0431 4016 PptpMiniport - ok
21:14:47.0473 4016 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:14:47.0484 4016 Processor - ok
21:14:47.0520 4016 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:14:47.0522 4016 Psched - ok
21:14:47.0569 4016 pwdrvio (3d895d9e93d39e113184a3b0fd49ac77) C:\Windows\system32\pwdrvio.sys
21:14:47.0778 4016 pwdrvio - ok
21:14:47.0880 4016 pwdspio (2f7f3d3bdb65cafce52f3e1d52cab937) C:\Windows\system32\pwdspio.sys
21:14:47.0891 4016 pwdspio - ok
21:14:47.0968 4016 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:14:48.0030 4016 ql2300 - ok
21:14:48.0054 4016 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:14:48.0068 4016 ql40xx - ok
21:14:48.0092 4016 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:14:48.0100 4016 QWAVEdrv - ok
21:14:48.0123 4016 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:14:48.0130 4016 RasAcd - ok
21:14:48.0170 4016 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:14:48.0179 4016 RasAgileVpn - ok
21:14:48.0214 4016 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:14:48.0226 4016 Rasl2tp - ok
21:14:48.0251 4016 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:14:48.0262 4016 RasPppoe - ok
21:14:48.0287 4016 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:14:48.0298 4016 RasSstp - ok
21:14:48.0345 4016 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:14:48.0364 4016 rdbss - ok
21:14:48.0383 4016 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:14:48.0391 4016 rdpbus - ok
21:14:48.0419 4016 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:14:48.0420 4016 RDPCDD - ok
21:14:48.0440 4016 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:14:48.0441 4016 RDPENCDD - ok
21:14:48.0459 4016 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:14:48.0461 4016 RDPREFMP - ok
21:14:48.0495 4016 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:14:48.0508 4016 RDPWD - ok
21:14:48.0549 4016 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:14:48.0565 4016 rdyboost - ok
21:14:48.0634 4016 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:14:48.0644 4016 rspndr - ok
21:14:48.0683 4016 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:14:48.0700 4016 RTL8167 - ok
21:14:48.0738 4016 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:14:48.0751 4016 sbp2port - ok
21:14:48.0787 4016 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:14:48.0796 4016 scfilter - ok
21:14:48.0844 4016 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:14:48.0850 4016 secdrv - ok
21:14:48.0890 4016 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:14:48.0899 4016 Serenum - ok
21:14:48.0930 4016 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:14:48.0942 4016 Serial - ok
21:14:48.0979 4016 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:14:48.0986 4016 sermouse - ok
21:14:49.0037 4016 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:14:49.0043 4016 sffdisk - ok
21:14:49.0063 4016 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:14:49.0071 4016 sffp_mmc - ok
21:14:49.0087 4016 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:14:49.0094 4016 sffp_sd - ok
21:14:49.0124 4016 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:14:49.0130 4016 sfloppy - ok
21:14:49.0171 4016 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
21:14:49.0182 4016 SiSGbeLH - ok
21:14:49.0207 4016 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:14:49.0217 4016 SiSRaid2 - ok
21:14:49.0238 4016 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:14:49.0248 4016 SiSRaid4 - ok
21:14:49.0274 4016 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:14:49.0285 4016 Smb - ok
21:14:49.0345 4016 snapman (d33f37dd403741982dbe99c7b6b6ff63) C:\Windows\system32\DRIVERS\snapman.sys
21:14:49.0364 4016 snapman - ok
21:14:49.0421 4016 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
21:14:49.0491 4016 SNP2UVC - ok
21:14:49.0531 4016 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:14:49.0540 4016 spldr - ok
21:14:49.0595 4016 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
21:14:49.0595 4016 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
21:14:49.0598 4016 sptd ( LockedFile.Multi.Generic ) - warning
21:14:49.0598 4016 sptd - detected LockedFile.Multi.Generic (1)
21:14:53.0521 4016 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:14:53.0540 4016 \Device\Harddisk0\DR0 - ok
21:14:53.0550 4016 Boot (0x1200) (6e134c1b5ed39e6d84c107648a77ef13) \Device\Harddisk0\DR0\Partition0
21:14:53.0552 4016 \Device\Harddisk0\DR0\Partition0 - ok
21:14:53.0570 4016 Boot (0x1200) (b06ddc6a5ce931eeded21392ef2dc853) \Device\Harddisk0\DR0\Partition1
21:14:53.0573 4016 \Device\Harddisk0\DR0\Partition1 - ok
21:14:53.0573 4016 ============================================================
21:14:53.0574 4016 Scan finished
21:14:53.0574 4016 ============================================================
21:14:53.0595 3204 Detected object count: 1
21:14:53.0595 3204 Actual detected object count: 1
21:18:31.0563 3204 C:\Windows\System32\Drivers\sptd.sys - copied to quarantine
21:18:31.0566 3204 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
21:18:39.0587 3736 ============================================================
21:18:39.0587 3736 Scan started
21:18:39.0587 3736 Mode: Manual; SigCheck; TDLFS;
21:18:39.0587 3736 ============================================================
21:18:45.0351 3736 CRFILTER (64beed6775c22b0362fa9ded3f8124a1) C:\Windows\system32\DRIVERS\CRFILTER.sys
21:18:45.0424 3736 CRFILTER - ok
21:18:45.0522 3736 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:18:45.0594 3736 DfsC - ok
21:18:45.0638 3736 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:18:45.0701 3736 discache - ok
21:18:45.0804 3736 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:18:45.0828 3736 Disk - ok
21:18:45.0865 3736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:18:45.0901 3736 drmkaud - ok
21:18:45.0964 3736 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:18:45.0995 3736 DXGKrnl - ok
21:18:46.0007 3736 EagleX64 - ok
21:18:46.0022 3736 eamonm - ok
21:18:46.0142 3736 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:18:46.0222 3736 ebdrv - ok
21:18:46.0286 3736 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:18:46.0317 3736 elxstor - ok
21:18:46.0340 3736 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
21:18:46.0378 3736 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
21:18:46.0378 3736 epmntdrv - detected UnsignedFile.Multi.Generic (1)
21:18:46.0632 3736 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
21:18:46.0662 3736 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
21:18:46.0662 3736 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
21:18:58.0294 3736 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
21:18:58.0294 3736 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
21:18:58.0297 3736 sptd ( LockedFile.Multi.Generic ) - warning
21:18:58.0297 3736 sptd - detected LockedFile.Multi.Generic (1)
21:19:03.0842 3736 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:19:04.0082 3736 \Device\Harddisk0\DR0 - ok
21:19:04.0093 3736 Boot (0x1200) (6e134c1b5ed39e6d84c107648a77ef13) \Device\Harddisk0\DR0\Partition0
21:19:04.0096 3736 \Device\Harddisk0\DR0\Partition0 - ok
21:19:04.0103 3736 Boot (0x1200) (b06ddc6a5ce931eeded21392ef2dc853) \Device\Harddisk0\DR0\Partition1
21:19:04.0104 3736 \Device\Harddisk0\DR0\Partition1 - ok
21:19:04.0107 3736 ============================================================
21:19:04.0107 3736 Scan finished
21:19:04.0107 3736 ============================================================
21:19:04.0124 5032 Detected object count: 3
21:19:04.0124 5032 Actual detected object count: 3
21:21:34.0261 5032 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:34.0261 5032 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:34.0262 5032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:34.0262 5032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:34.0265 5032 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:21:34.0265 5032 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:22:55.0579 3360 Deinitialize success
Last edited by margaretiak on 19 Nov 2011 16:10, edited 1 time in total.
Asus N55SF-SX384/processor: Intel® Core™ i5-2430M (2.4GHz, 3MB)/graphics: NVIDIA® GeForce® GT 555M DDR3 2GB VRAM/system memory: 8GB (2x4GB) DDR3 1333
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check the log
Run TDSSKiller again and have the first two objects deleted,
everything except sptd

Please read the procedure through several times, and ask if anything is unclear or you have any doubts.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without an adviser's supervision and recommendation!
-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check the log
After 2 scans, TDSSKiller now only reports sptd. Should I delete them manually? If so, where do I find them?
Thank you



- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check the log
Carry on,
I'll take care of them in the new RSIT


-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check the log
Here is the new RSIT, but I'm still defragmenting. I'll be away for about an hour now.
Logfile of random's system information tool 1.09 (written by random/random)
Run by kubko at 2011-11-19 16:23:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 11 GB (9%) free of 119 GB
Total RAM: 4095 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:20, on 19. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\runes of magic\Runes of Magic\ClientUpdate.exe
D:\runes of magic\Runes of Magic\patch_3.0.10.2385.en_3.0.11.2393.en.exe
C:\Program Files\trend micro\kubko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
O4 - Startup: Dropbox.lnk = kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10976 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2164
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000004f8
\??\C:\Windows\system32\conhost.exe "-260297576-1047445780-11737960511445996451702531111-1890143050-20904344541176377386
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-10f60465-e989-42d9-976b-372951fb0a86 -SystemEventPortName:HostProcess-05bc32a0-b679-4e0b-963a-53d6424d784b -IoCancelEventPortName:HostProcess-47c85e03-0297-4207-b293-df286eb93bb0 -NonStateChangingEventPortName:HostProcess-f86bce22-a624-4987-b589-b669ca051030 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5d73deee-abdd-49a0-8d25-dd50d2ab24f5
"taskhost.exe"
taskeng.exe {8108CE54-E7DD-4CDB-A626-FFDAC9992514}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2096
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3984.765b4d0.1665645629 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3984 "\\.\pipe\gecko-crash-server-pipe.3984" plugin
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Defraggler\Defraggler64.exe"
"C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
"D:\runes of magic\Runes of Magic\ClientUpdate.exe" 0963
"D:\runes of magic\Runes of Magic\patch_3.0.10.2385.en_3.0.11.2393.en.exe"
C:\Windows\system32\AUDIODG.EXE 0x7a8
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-11-19 75656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 16:13:31 ----AC---- C:\TDSSKiller.2.6.19.0_19.11.2011_16.13.31_log.txt
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaws.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaw.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\java.exe
2011-11-19 16:07:04 ----D---- C:\Program Files\Java
2011-11-19 16:02:37 ----D---- C:\Program Files\Defraggler
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 16:23:22 ----D---- C:\Windows\Internet Logs
2011-11-19 16:23:17 ----D---- C:\Windows\Temp
2011-11-19 16:13:38 ----D---- C:\Windows\system32\drivers
2011-11-19 16:13:30 ----D---- C:\Windows\Prefetch
2011-11-19 16:12:25 ----D---- C:\Windows\system32\config
2011-11-19 16:07:47 ----SHD---- C:\Windows\Installer
2011-11-19 16:07:47 ----SHD---- C:\Config.Msi
2011-11-19 16:07:22 ----D---- C:\Windows\System32
2011-11-19 16:07:06 ----A---- C:\Windows\system32\deployJava1.dll
2011-11-19 16:07:04 ----RD---- C:\Program Files
2011-11-19 16:06:51 ----SHD---- C:\System Volume Information
2011-11-19 16:04:43 ----D---- C:\Windows\tracing
2011-11-19 16:01:27 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-19 16:01:25 ----D---- C:\Windows\inf
2011-11-19 16:01:25 ----D---- C:\Windows
2011-11-19 15:58:34 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:52:30 ----D---- C:\Nexon
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 10:40:34 ----D---- C:\Windows\SysWOW64
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 az2yhd6r;az2yhd6r; C:\Windows\system32\drivers\az2yhd6r.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2010-07-15 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by kubko at 2011-11-19 16:23:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 11 GB (9%) free of 119 GB
Total RAM: 4095 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:20, on 19. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\runes of magic\Runes of Magic\ClientUpdate.exe
D:\runes of magic\Runes of Magic\patch_3.0.10.2385.en_3.0.11.2393.en.exe
C:\Program Files\trend micro\kubko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
O4 - Startup: Dropbox.lnk = kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10976 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2164
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000004f8
\??\C:\Windows\system32\conhost.exe "-260297576-1047445780-11737960511445996451702531111-1890143050-20904344541176377386
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-10f60465-e989-42d9-976b-372951fb0a86 -SystemEventPortName:HostProcess-05bc32a0-b679-4e0b-963a-53d6424d784b -IoCancelEventPortName:HostProcess-47c85e03-0297-4207-b293-df286eb93bb0 -NonStateChangingEventPortName:HostProcess-f86bce22-a624-4987-b589-b669ca051030 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5d73deee-abdd-49a0-8d25-dd50d2ab24f5
"taskhost.exe"
taskeng.exe {8108CE54-E7DD-4CDB-A626-FFDAC9992514}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2096
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3984.765b4d0.1665645629 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3984 "\\.\pipe\gecko-crash-server-pipe.3984" plugin
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Defraggler\Defraggler64.exe"
"C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
"D:\runes of magic\Runes of Magic\ClientUpdate.exe" 0963
"D:\runes of magic\Runes of Magic\patch_3.0.10.2385.en_3.0.11.2393.en.exe"
C:\Windows\system32\AUDIODG.EXE 0x7a8
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-11-19 75656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 16:13:31 ----AC---- C:\TDSSKiller.2.6.19.0_19.11.2011_16.13.31_log.txt
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaws.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaw.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\java.exe
2011-11-19 16:07:04 ----D---- C:\Program Files\Java
2011-11-19 16:02:37 ----D---- C:\Program Files\Defraggler
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 16:23:22 ----D---- C:\Windows\Internet Logs
2011-11-19 16:23:17 ----D---- C:\Windows\Temp
2011-11-19 16:13:38 ----D---- C:\Windows\system32\drivers
2011-11-19 16:13:30 ----D---- C:\Windows\Prefetch
2011-11-19 16:12:25 ----D---- C:\Windows\system32\config
2011-11-19 16:07:47 ----SHD---- C:\Windows\Installer
2011-11-19 16:07:47 ----SHD---- C:\Config.Msi
2011-11-19 16:07:22 ----D---- C:\Windows\System32
2011-11-19 16:07:06 ----A---- C:\Windows\system32\deployJava1.dll
2011-11-19 16:07:04 ----RD---- C:\Program Files
2011-11-19 16:06:51 ----SHD---- C:\System Volume Information
2011-11-19 16:04:43 ----D---- C:\Windows\tracing
2011-11-19 16:01:27 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-19 16:01:25 ----D---- C:\Windows\inf
2011-11-19 16:01:25 ----D---- C:\Windows
2011-11-19 15:58:34 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:52:30 ----D---- C:\Nexon
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 10:40:34 ----D---- C:\Windows\SysWOW64
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 az2yhd6r;az2yhd6r; C:\Windows\system32\drivers\az2yhd6r.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2010-07-15 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check my log
Excellent.
I'm also heading out now for roughly an hour, so I'll write you the next set of instructions afterwards.


-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check my log
And if I may ask one more thing: I have a problem. I log in to Windows as admin, but when I want to stop some services (e.g. WPM network sharing), or sometimes delete something, it tells me that access was denied, or in other cases that I don't have sufficient privileges and should use the admin account (which is the one I am logged in with).
And why is Win Defender running in the services when I have it turned off? Or does it just keep chugging along there all the time?
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check my log


- Run the file OTM.exe (if you have Windows Vista or Windows 7, right-click the file and choose "Run as administrator").
- The OTM program starts; paste the following script into the left pane, "Paste Instructions for Items to be Moved", and press the MoveIt button.
Code:
:Services
epmntdrv
EuGdiDrv
:Files
C:\Windows\syswow64\epmntdrv.sys
C:\Windows\syswow64\EuGdiDrv.sys
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{381FFDE8-2394-4f90-B10D-FC6124A40F8C}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"Malwarebytes' Anti-Malware"=-
:Commands
[ClearAllRestorePoints]
[EmptyFlash]
[EmptyTemp]
[ResetHosts]
- After the PC restarts, the OTM log will appear; please paste it here for me.
-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check my log
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Avira blocked the hosts file for me: "In accordance with security guidelines, the Administrator has blocked access to the Hosts file."
Should I turn off realtime protection and run the script again?
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check my log
Yes, try it.

-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check my log
All processes killed
========== SERVICES/DRIVERS ==========
Error: No service named epmntdrv was found to stop!
Service\Driver key epmntdrv not found.
Error: No service named EuGdiDrv was found to stop!
Service\Driver key EuGdiDrv not found.
========== FILES ==========
File/Folder C:\Windows\syswow64\epmntdrv.sys not found.
File/Folder C:\Windows\syswow64\EuGdiDrv.sys not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381FFDE8-2394-4f90-B10D-FC6124A40F8C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FileHippo.com not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
========== COMMANDS ==========
Error creating restore point.
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Kubco
->Flash cache emptied: 0 bytes
User: kubko
->Flash cache emptied: 719 bytes
User: Miska
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Kubco
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: kubko
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49152 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19251417 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Miska
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 256 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 18.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.19.0 log created on 11192011_191239
Files moved on Reboot...
C:\Windows\temp\ZLT06f01.TMP moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Registry entries deleted on Reboot...
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: please check my log
Excellent... I'd like to ask for a new RSIT, please.

-
- Visitor
- Posts: 154
- Registered: 13 Feb 2010 00:56
- Location: bratislava
Re: please check my log
Logfile of random's system information tool 1.09 (written by random/random)
Run by kubko at 2011-11-19 19:28:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (9%) free of 119 GB
Total RAM: 4095 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:51, on 19. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\kubko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - Startup: Dropbox.lnk = kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10441 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
taskeng.exe {16A9E6B7-ACF0-4A0F-8964-68C8DFC989C5}
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2420
WLIDSvcM.exe 2500
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000784
\??\C:\Windows\system32\conhost.exe "-8180107-1422938926585805580-3912722432052648820-146102876-17690219411173052109
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7d1ae32b-1948-4fc9-8f18-c04b00df6698 -SystemEventPortName:HostProcess-4b37e5bf-48df-4ef2-8948-3f738e1a2b3c -IoCancelEventPortName:HostProcess-fcc53edd-a264-4894-b36f-c96105de1140 -NonStateChangingEventPortName:HostProcess-c9b9629b-7664-427c-b409-e66ba138771a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e747ba5e-ea2e-44c9-ba9f-430abe0df01c
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11192011_191239.log
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3456.74724e0.283763988 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3456 "\\.\pipe\gecko-crash-server-pipe.3456" plugin
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\AUDIODG.EXE 0x7b4
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-11-19 75656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 18:57:45 ----DC---- C:\_OTM
2011-11-19 16:13:31 ----AC---- C:\TDSSKiller.2.6.19.0_19.11.2011_16.13.31_log.txt
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaws.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaw.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\java.exe
2011-11-19 16:07:04 ----D---- C:\Program Files\Java
2011-11-19 16:02:37 ----D---- C:\Program Files\Defraggler
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 19:28:49 ----D---- C:\Windows\Temp
2011-11-19 19:27:05 ----D---- C:\Windows\Internet Logs
2011-11-19 19:16:22 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 19:15:36 ----D---- C:\Windows\system32\config
2011-11-19 19:14:45 ----D---- C:\Windows
2011-11-19 19:13:05 ----D---- C:\Windows\system32\drivers\etc
2011-11-19 19:01:23 ----D---- C:\Windows\Prefetch
2011-11-19 18:58:23 ----SHD---- C:\System Volume Information
2011-11-19 18:57:47 ----D---- C:\Windows\SysWOW64
2011-11-19 16:13:38 ----D---- C:\Windows\system32\drivers
2011-11-19 16:07:47 ----SHD---- C:\Windows\Installer
2011-11-19 16:07:47 ----SHD---- C:\Config.Msi
2011-11-19 16:07:22 ----D---- C:\Windows\System32
2011-11-19 16:07:06 ----A---- C:\Windows\system32\deployJava1.dll
2011-11-19 16:07:04 ----RD---- C:\Program Files
2011-11-19 16:04:43 ----D---- C:\Windows\tracing
2011-11-19 16:01:27 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-19 16:01:25 ----D---- C:\Windows\inf
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:52:30 ----D---- C:\Nexon
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 aud41dry;aud41dry; C:\Windows\system32\drivers\aud41dry.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
-----------------EOF-----------------
Run by kubko at 2011-11-19 19:28:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (9%) free of 119 GB
Total RAM: 4095 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:51, on 19. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\kubko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - Startup: Dropbox.lnk = kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10441 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe"
taskeng.exe {16A9E6B7-ACF0-4A0F-8964-68C8DFC989C5}
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Atouch64.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2420
WLIDSvcM.exe 2500
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000784
\??\C:\Windows\system32\conhost.exe "-8180107-1422938926585805580-3912722432052648820-146102876-17690219411173052109
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7d1ae32b-1948-4fc9-8f18-c04b00df6698 -SystemEventPortName:HostProcess-4b37e5bf-48df-4ef2-8948-3f738e1a2b3c -IoCancelEventPortName:HostProcess-fcc53edd-a264-4894-b36f-c96105de1140 -NonStateChangingEventPortName:HostProcess-c9b9629b-7664-427c-b409-e66ba138771a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e747ba5e-ea2e-44c9-ba9f-430abe0df01c
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11192011_191239.log
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3456.74724e0.283763988 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3456 "\\.\pipe\gecko-crash-server-pipe.3456" plugin
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\AUDIODG.EXE 0x7b4
"C:\Users\kubko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, support@lastpass.com:1.74.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Aurora\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Aurora\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Aurora\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\kubko\AppData\Roaming\Mozilla\Firefox\Profiles\er3vzgei.kubco\extensions\
support@lastpass.com
{91aa5abe-9de4-4347-b7b5-322c38dd9271}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-11-19 75656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ7\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-10-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kubko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
C:\Users\kubko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\kubko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-11-19 18:57:45 ----DC---- C:\_OTM
2011-11-19 16:13:31 ----AC---- C:\TDSSKiller.2.6.19.0_19.11.2011_16.13.31_log.txt
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaws.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\javaw.exe
2011-11-19 16:07:22 ----A---- C:\Windows\system32\java.exe
2011-11-19 16:07:04 ----D---- C:\Program Files\Java
2011-11-19 16:02:37 ----D---- C:\Program Files\Defraggler
2011-11-19 12:43:29 ----D---- C:\Program Files\trend micro
2011-11-19 02:24:49 ----D---- C:\Program Files (x86)\Webteh
2011-11-18 21:18:31 ----DC---- C:\TDSSKiller_Quarantine
2011-11-18 21:14:23 ----AC---- C:\TDSSKiller.2.6.19.0_18.11.2011_21.14.23_log.txt
2011-11-18 11:48:17 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-17 15:03:43 ----DC---- C:\Download
2011-11-17 12:28:13 ----D---- C:\Users\kubko\AppData\Roaming\Apple Computer
2011-11-17 12:28:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-17 12:28:01 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-17 12:27:19 ----D---- C:\Program Files\iPod
2011-11-17 12:27:18 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-11-17 12:27:18 ----D---- C:\Program Files\iTunes
2011-11-17 12:27:18 ----D---- C:\Program Files (x86)\iTunes
2011-11-17 12:26:03 ----D---- C:\Program Files (x86)\Apple Software Update
2011-11-17 11:58:17 ----D---- C:\Program Files (x86)\EphPod
2011-11-16 18:04:46 ----D---- C:\ProgramData\NexonUS
2011-11-16 15:57:27 ----D---- C:\Windows\system32\Macromed
2011-11-16 14:00:13 ----D---- C:\Users\kubko\AppData\Roaming\Evolved
2011-11-16 13:47:58 ----D---- C:\Program Files (x86)\Jane's Advanced Strike Fighters
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-13 11:09:13 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-13 11:09:12 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-13 11:08:59 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-11-13 11:08:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-11-13 11:08:57 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-13 10:39:32 ----D---- C:\Windows\SYSWOW64\directx
2011-11-13 10:35:51 ----D---- C:\Program Files (x86)\theHunter
2011-11-11 19:11:26 ----D---- C:\ProgramData\NFS Underground
2011-11-11 17:03:01 ----D---- C:\Program Files (x86)\EA GAMES
2011-11-10 21:01:57 ----D---- C:\Program Files (x86)\Rockstar Games
2011-11-10 20:31:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-11-09 15:30:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-09 13:24:20 ----D---- C:\Program Files (x86)\Magical Jelly Bean
2011-11-09 08:29:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 08:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-08 16:52:28 ----D---- C:\Users\kubko\AppData\Roaming\Avira
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-11-08 16:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-11-08 16:46:36 ----D---- C:\ProgramData\Avira
2011-11-08 16:46:36 ----D---- C:\Program Files (x86)\Avira
2011-11-07 16:26:25 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-11-07 16:26:25 ----A---- C:\Windows\system32\xmllite.dll
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-11-07 16:26:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-11-07 16:26:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-07 16:26:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\tquery.dll
2011-11-07 16:25:46 ----A---- C:\Windows\system32\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-11-07 16:25:45 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-11-07 16:25:45 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssvp.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2011-11-07 16:25:44 ----A---- C:\Windows\system32\mssph.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-11-07 16:25:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-11-07 16:25:43 ----A---- C:\Windows\system32\msscntrs.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\FntCache.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\DWrite.dll
2011-11-07 16:25:40 ----A---- C:\Windows\system32\d2d1.dll
2011-11-07 16:25:37 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-11-07 16:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-11-07 16:25:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-11-07 16:25:35 ----A---- C:\Windows\explorer.exe
2011-11-07 16:25:32 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-11-07 16:25:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-11-07 16:25:30 ----A---- C:\Windows\system32\XpsPrint.dll
2011-11-07 16:22:29 ----A---- C:\Windows\system32\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-11-07 16:22:28 ----A---- C:\Windows\system32\fsutil.exe
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\storport.sys
2011-11-07 16:22:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-11-07 16:22:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-11-07 16:22:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-11-07 16:22:24 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-11-07 16:21:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-11-07 16:21:15 ----A---- C:\Windows\system32\prevhost.exe
2011-10-31 18:27:59 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 11:32:07 ----A---- C:\Windows\SYSWOW64\java.exe
======List of files/folders modified in the last 1 month======
2011-11-19 19:28:49 ----D---- C:\Windows\Temp
2011-11-19 19:27:05 ----D---- C:\Windows\Internet Logs
2011-11-19 19:16:22 ----D---- C:\Users\kubko\AppData\Roaming\Dropbox
2011-11-19 19:15:36 ----D---- C:\Windows\system32\config
2011-11-19 19:14:45 ----D---- C:\Windows
2011-11-19 19:13:05 ----D---- C:\Windows\system32\drivers\etc
2011-11-19 19:01:23 ----D---- C:\Windows\Prefetch
2011-11-19 18:58:23 ----SHD---- C:\System Volume Information
2011-11-19 18:57:47 ----D---- C:\Windows\SysWOW64
2011-11-19 16:13:38 ----D---- C:\Windows\system32\drivers
2011-11-19 16:07:47 ----SHD---- C:\Windows\Installer
2011-11-19 16:07:47 ----SHD---- C:\Config.Msi
2011-11-19 16:07:22 ----D---- C:\Windows\System32
2011-11-19 16:07:06 ----A---- C:\Windows\system32\deployJava1.dll
2011-11-19 16:07:04 ----RD---- C:\Program Files
2011-11-19 16:04:43 ----D---- C:\Windows\tracing
2011-11-19 16:01:27 ----D---- C:\Users\kubko\AppData\Roaming\uTorrent
2011-11-19 16:01:25 ----D---- C:\Windows\inf
2011-11-19 11:01:16 ----D---- C:\Windows\winsxs
2011-11-19 10:52:30 ----D---- C:\Nexon
2011-11-19 10:44:35 ----D---- C:\Windows\system32\catroot
2011-11-19 10:41:42 ----D---- C:\Windows\system32\DriverStore
2011-11-19 10:41:38 ----D---- C:\Program Files\Common Files
2011-11-19 10:40:35 ----RD---- C:\Program Files (x86)
2011-11-19 02:17:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-19 02:14:32 ----D---- C:\Users\kubko\AppData\Roaming\BSplayer
2011-11-18 20:58:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 18:49:57 ----D---- C:\Users\kubko\AppData\Roaming\ICQ
2011-11-18 11:48:17 ----HD---- C:\ProgramData
2011-11-18 11:43:22 ----D---- C:\Program Files (x86)\Google
2011-11-18 10:59:54 ----D---- C:\Users\kubko\AppData\Roaming\DAEMON Tools Lite
2011-11-18 10:59:47 ----D---- C:\Windows\Logs
2011-11-18 10:59:47 ----D---- C:\Windows\debug
2011-11-17 16:37:54 ----D---- C:\ProgramData\NexonEU
2011-11-17 16:34:48 ----D---- C:\Program Files (x86)\BandiMPEG1
2011-11-17 15:03:28 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2011-11-17 15:03:27 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2011-11-17 13:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 12:28:00 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-17 12:27:18 ----D---- C:\ProgramData\Apple Computer
2011-11-17 12:25:58 ----D---- C:\Windows\system32\Tasks
2011-11-17 12:25:32 ----D---- C:\ProgramData\Apple
2011-11-16 18:21:08 ----D---- C:\ProgramData\PMB Files
2011-11-15 22:39:31 ----D---- C:\Windows\system32\NDF
2011-11-13 11:10:18 ----D---- C:\Program Files (x86)\Aurora
2011-11-13 11:08:50 ----D---- C:\Windows\system32\catroot2
2011-11-13 09:43:48 ----D---- C:\Program Files\Common Files\System
2011-11-13 09:27:49 ----D---- C:\ProgramData\Microsoft Help
2011-11-13 09:26:10 ----RSD---- C:\Windows\assembly
2011-11-13 09:18:54 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 21:37:36 ----D---- C:\Users\kubko\AppData\Roaming\Skype
2011-11-10 21:02:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-09 15:35:38 ----D---- C:\Program Files (x86)\MSBuild
2011-11-09 15:34:06 ----SD---- C:\ProgramData\Microsoft
2011-11-09 08:30:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-08 21:40:14 ----D---- C:\Windows\Microsoft.NET
2011-11-08 15:36:10 ----D---- C:\Windows\pss
2011-11-08 15:34:07 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-07 16:56:42 ----RSD---- C:\Windows\Fonts
2011-11-07 16:56:39 ----D---- C:\Windows\AppPatch
2011-11-07 16:56:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-07 16:56:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 11:31:47 ----D---- C:\Program Files (x86)\Java
2011-10-23 10:39:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-22 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-06-15 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-10 530488]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2010-06-15 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-15 711712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-19 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-19 97312]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-15 81952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-26 6036480]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys [2009-05-18 343592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 aud41dry;aud41dry; C:\Windows\system32\drivers\aud41dry.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 7168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-03 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-07-10 128224]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-11-16 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 135664]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
-----------------EOF-----------------
Asus N55SF-SX384/processor: Intel® Core™ i5-2430M (2.4GHz, 3MB)/graphics: NVIDIA® GeForce® GT 555M DDR3 2GB VRAM/system memory: 8GB (2x4GB) DDR3 1333