Please check my log - PC shutting down

Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

#1 Post by Salat23 »

Hi,

my PC has been noticeably slow for some time, but I didn't pay much attention to it. Since yesterday it has shut down completely several times without any warning. So I'm asking for a check of the log.

Thanks.


Logfile of random's system information tool 1.09 (written by random/random)
Run by radek at 2012-04-10 15:36:28
Microsoft® Windows Vista™ Ultimate
System drive C: has 2 GB (2%) free of 153 GB
Total RAM: 2046 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:40, on 10.4.2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ESET\UpdateReminder.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Switcher\Switcher.exe
C:\Programs\Desktops\Desktops.exe
C:\Windows\System32\rundll32.exe
C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE
C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\radek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\wuauclt.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\radek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*;127.0.0.1:9421;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Windows\WebIE.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocnik pro prihlaseni ke sluzbe Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Switcher] "C:\Program Files\Switcher\Switcher.exe" /quiet
O4 - HKCU\..\Run: [Sysinternals Desktops] C:\Programs\Desktops\Desktops.exe
O4 - HKCU\..\Run: [appHelpInterval] rundll32.exe "C:\Users\radek\AppData\Local\EapEventserv\appHelpInterval.dll",appobjUI AsyncUser80
O4 - HKCU\..\Run: [Google Update] "C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun /autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EPSONE7E783 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\radek\AppData\Local\Temp\E_SB8A1.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [RegistryWm] C:\Windows\system32\config\systemprofile\AppData\Roaming\qtwm.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RegistryWm] C:\Windows\system32\config\systemprofile\AppData\Roaming\qtwm.exe (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Dropbox.lnk = C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Windows\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit prekladac - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovnik - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Prelozit &oznaceny text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Prelozit &stranku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vexcast.com/download/vexcast.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sluzba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sluzba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: wampapache - Apache Software Foundation - c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\programs\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 13934 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "{ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.96, {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:1.4, {e496ecc2-92a4-48d0-a1d3-753875a6846d}:2.1.22, jsobrier@zscaler.com:1.5, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7, {258735dc-6743-4805-95fc-f95941fffdad}:1.3.6, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.0.2, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2, firefox@ghostery.com:2.5.3, {582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.12, moveplayer@movenetworks.com:1.0.0.%(version)s, maps@ovi.com:5.2.7.0, {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.3, xmpp4moz@hyperstruct.net:0.7.2.2010020221, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.228 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa2,version=2.0.0]
"Description"=Picasa2 plugin
"Path"=C:\Program Files\Picasa2\npPicasa2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Picasa2\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@movenetworks.com/Quantum Media Player]
"Description"=npmnqmp
"Path"=C:\Users\radek\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.16]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll

C:\Program Files\Mozilla Firefox\extensions\
adapter@babylontc.com
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIMediaPlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppl3260.dll
nppstart.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
NPTURNMED.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
quiz.txt
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\extensions\
firefox@ghostery.com
jsobrier@zscaler.com
maps@ovi.com
xmpp4moz@hyperstruct.net
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{1de0de3c-0b5c-4f67-90c6-689623894991}
{258735dc-6743-4805-95fc-f95941fffdad}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{582195F5-92E7-40a0-A127-DB71295901D7}
{61ED2A9A-39EB-4AAF-BD14-06DFBE8880C3}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
{ca0849e8-2c76-42ae-9abe-34e14d337acf}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
{e496ecc2-92a4-48d0-a1d3-753875a6846d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\searchplugins\
hyperwords.xml
slovnk-encz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2007-05-18 71184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Windows\WebIE.dll [2007-11-19 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-20 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-05 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]
Babylon IE plugin - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2011-06-20 242288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-09-14 218160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2007-11-19 491520]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-11-16 949376]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-20 185896]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2011-07-18 462848]
"mumservice"=C:\Program Files\Motorola\Software Update\mumservice.exe [2011-06-03 1066304]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-11-17 171464]
"Switcher"=C:\Program Files\Switcher\Switcher.exe [2007-10-28 425984]
"Sysinternals Desktops"=C:\Programs\Desktops\Desktops.exe [2008-08-21 118824]
"appHelpInterval"=C:\Users\radek\AppData\Local\EapEventserv\appHelpInterval.dll [2010-10-28 81920]
"Google Update"=C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 136176]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2009-03-25 5245440]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"EPSONE7E783 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2012-03-02 212480]

C:\Users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Dropbox.lnk - C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-16 233888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\uusee\UUSeePlayer.exe"="C:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUSEE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.ACDV"=ACDV.dll
"msacm.msaudio1"=msaud32.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.mjpg"=pvmjpg30.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.sl_anet"=sl_anet.acm

======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-10 15:36:28 ----D---- C:\rsit
2012-04-10 09:15:56 ----D---- C:\Users\radek\AppData\Roaming\vlc
2012-04-09 16:29:07 ----ASH---- C:\Windows\system32\dds_trash_log.cmd
2012-04-09 16:27:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\javaws.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\javaw.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\java.exe
2012-03-29 13:56:40 ----D---- C:\Users\radek\AppData\Roaming\pdfforge
2012-03-29 13:56:34 ----A---- C:\Windows\system32\MSMPIDE.DLL
2012-03-28 22:57:43 ----D---- C:\Program Files\Babylon
2012-03-28 22:57:22 ----D---- C:\Users\radek\AppData\Roaming\Babylon
2012-03-28 22:57:22 ----D---- C:\ProgramData\Babylon
2012-03-28 22:57:17 ----D---- C:\Program Files\Pdf Editor
2012-03-28 22:57:10 ----A---- C:\Windows\unins000.exe
2012-03-28 22:57:10 ----A---- C:\Windows\unins000.dat
2012-03-28 22:56:23 ----D---- C:\Program Files\AVI to MP4 Converter
2012-03-22 21:12:12 ----A---- C:\Windows\system32\GPhotos.scr
2012-03-22 11:08:32 ----A---- C:\Windows\system32\pdfcmon.dll

======List of files/folders modified in the last 1 month======

2012-04-10 15:36:40 ----D---- C:\Program Files\Trend Micro
2012-04-10 15:36:31 ----D---- C:\Windows\TEMP
2012-04-10 15:36:19 ----D---- C:\Downloads
2012-04-10 15:29:48 ----D---- C:\Windows\system32\FxsTmp
2012-04-10 15:29:19 ----D---- C:\Users\radek\AppData\Roaming\Dropbox
2012-04-10 15:28:58 ----D---- C:\Users\radek\AppData\Roaming\Skype
2012-04-10 15:28:52 ----D---- C:\Windows\Prefetch
2012-04-10 15:27:44 ----D---- C:\Program Files\Common Files\Akamai
2012-04-10 15:26:39 ----D---- C:\Windows\system32\drivers
2012-04-10 15:20:35 ----AD---- C:\ProgramData\TEMP
2012-04-10 15:04:30 ----D---- C:\CAAF
2012-04-10 10:43:29 ----D---- C:\Program Files\Common Files\AVSMedia
2012-04-10 10:43:27 ----D---- C:\Program Files\AVS4YOU
2012-04-10 10:42:56 ----SHD---- C:\System Volume Information
2012-04-10 10:34:43 ----RD---- C:\Program Files
2012-04-10 10:16:33 ----D---- C:\Windows\inf
2012-04-10 09:15:24 ----D---- C:\Windows\system32\catroot2
2012-04-10 00:49:49 ----D---- C:\Windows\System32
2012-04-10 00:43:46 ----D---- C:\Programs
2012-04-10 00:33:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-10 00:29:28 ----SHD---- C:\Windows\Installer
2012-04-10 00:29:18 ----D---- C:\Users\radek\AppData\Roaming\Mozilla
2012-04-09 21:31:48 ----D---- C:\Users\radek\AppData\Roaming\Azureus
2012-04-09 19:30:03 ----D---- C:\Music
2012-04-09 18:26:05 ----HD---- C:\ProgramData
2012-04-09 18:21:51 ----D---- C:\!tisk
2012-04-09 17:39:24 ----D---- C:\Panthers
2012-04-09 17:00:25 ----D---- C:\Program Files\RapidShareManager
2012-04-09 16:27:56 ----D---- C:\Windows\system32\Tasks
2012-04-09 16:27:55 ----D---- C:\Windows\Tasks
2012-04-09 16:27:47 ----D---- C:\Program Files\Mozilla Firefox
2012-04-09 16:27:40 ----AD---- C:\Windows
2012-04-09 16:04:48 ----D---- C:\Windows\winsxs
2012-04-08 19:16:41 ----D---- C:\Program Files\ffdshow
2012-04-08 19:04:05 ----D---- C:\Other
2012-04-06 13:13:13 ----D---- C:\Program Files\Picasa2
2012-04-06 12:40:30 ----D---- C:\Users\radek\AppData\Roaming\FileZilla
2012-04-06 11:24:15 ----D---- C:\IMEX
2012-04-05 14:35:10 ----D---- C:\Program Files\Common Files\Java
2012-04-05 14:34:19 ----A---- C:\Windows\system32\deployJava1.dll
2012-04-05 14:34:08 ----D---- C:\Program Files\Java
2012-04-05 01:12:56 ----D---- C:\TASFB
2012-04-04 10:23:54 ----D---- C:\TASFBC
2012-03-29 13:56:49 ----D---- C:\Program Files\PDFCreator
2012-03-24 00:07:12 ----D---- C:\Football
2012-03-23 13:09:36 ----D---- C:\IES
2012-03-19 19:51:00 ----D---- C:\Users\radek\AppData\Roaming\Epson
2012-03-19 16:20:22 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 121960]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2007-11-18 685816]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 nod32drv;nod32drv; C:\Windows\system32\drivers\nod32drv.sys [2007-11-16 15424]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2007-11-16 512096]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-29 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-05-01 160768]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-09-15 37376]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2007-11-18 10368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-03-28 42496]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-09-25 27632]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-09-15 32768]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S2 TimerStop;TimerStop; \??\C:\Windows\system32\timerstop.sys [2007-01-27 3584]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\System32\Drivers\AF15BDA.sys [2006-09-28 283776]
S3 aj8gilkx;aj8gilkx; C:\Windows\system32\drivers\aj8gilkx.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\Windows\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-09-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-09-25 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-11-30 25280]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2011-04-04 20480]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\Windows\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2011-03-31 24064]
S3 MotoSwitchService;MotoSwitch Service; C:\Windows\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\Windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 23424]
S3 motusbdevice;Motorola USB Dev Driver; C:\Windows\system32\DRIVERS\motusbdevice.sys [2011-02-07 11008]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-01-25 42000]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2006-11-02 16896]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2006-11-02 19968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-04 692224]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-09-15 331824]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MotoHelper;MotoHelper Service; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088]
R2 nipsvc;Mqdmmdm; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-11-16 552064]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-01-31 158856]
S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 253600]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-10 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-09-15 57640]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
S3 wampapache;wampapache; c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\programs\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------


Re: Please check my log - PC shutting down

#2 Post by Salat23 »

I'm sending the log and files as instructed. The zipped logs from both programs are in a single archive, because the forum won't let me upload more than one file.


MBRScan v1.1.1

OS             : Windows Vista  (32 bit)
PROCESSOR      : x86 Family 6 Model 15 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/04/10 (ISO 8601) at 16:11:58
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD1600BEVS-07RST0 (04.01G04)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	149.1 Go  [Fixed] ==> Vista MBR Code .

MBR_MD5   : 5C8EEE858A9CADDA6F54E27BF23BBB37
MBR_SHA1  : ADA2DAF1D053AC85BB6E98043B74392F0F45FED3

Device\Harddisk0\Partition1	149.0 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x89469000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_msahci.sys => Invisible on the disk
ADDRESS : 0x8ABC1000
SIZE    : 36.0 Ko

SystemStartOptions : /NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 1001       JNZ 0x13d   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1e           JAE 0xbd   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    0f85 0c00       JNZ 0xb2   
0x00A6    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00AA    0f84 8a00       JZ 0x138   
0x00AE    b2 80           MOV DL, 0x80   
0x00B0    eb 82           JMP 0x34   
0x00B2    55              PUSH BP   
0x00B3    32e4            XOR AH, AH   
0x00B5    8a56 00         MOV DL, [BP+0x0]   
0x00B8    cd 13           INT 0x13   
0x00BA    5d              POP BP   
0x00BB    eb 9c           JMP 0x59   
0x00BD    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C3    75 6e           JNZ 0x133   
0x00C5    ff76 00         PUSH WORD [BP+0x0]   
0x00C8    e8 8a00         CALL 0x155   
0x00CB    0f85 1500       JNZ 0xe4   
0x00CF    b0 d1           MOV AL, 0xd1   
0x00D1    e6 64           OUT 0x64, AL   
0x00D3    e8 7f00         CALL 0x155   
0x00D6    b0 df           MOV AL, 0xdf   
0x00D8    e6 60           OUT 0x60, AL   
0x00DA    e8 7800         CALL 0x155   
0x00DD    b0 ff           MOV AL, 0xff   
0x00DF    e6 64           OUT 0x64, AL   
0x00E1    e8 7100         CALL 0x155   
0x00E4    b8 00bb         MOV AX, 0xbb00   
0x00E7    cd 1a           INT 0x1a   
0x00E9    66 23c0         AND EAX, EAX   
0x00EC    75 3b           JNZ 0x129   
0x00EE    66 81fb 54435041 CMP EBX, 0x41504354
0x00F5    75 32           JNZ 0x129   
0x00F7    81f9 0201       CMP CX, 0x102   
0x00FB    72 2c           JB 0x129   
0x00FD    66 68 07bb0000  PUSH 0xbb07   
0x0103    66 68 00020000  PUSH 0x200   
0x0109    66 68 08000000  PUSH 0x8   
0x010F    66 53           PUSH EBX   
0x0111    66 53           PUSH EBX   
0x0113    66 55           PUSH EBP   
0x0115    66 68 00000000  PUSH 0x0   
0x011B    66 68 007c0000  PUSH 0x7c00   
0x0121    66 61           POPAD   
0x0123    68 0000         PUSH 0x0   
0x0126    07              POP ES   
0x0127    cd 1a           INT 0x1a   
0x0129    5a              POP DX   
0x012A    32f6            XOR DH, DH   
0x012C    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x0131    cd 18           INT 0x18   
0x0133    a0 b707         MOV AL, [0x7b7]   
0x0136    eb 08           JMP 0x140   
0x0138    a0 b607         MOV AL, [0x7b6]   
0x013B    eb 03           JMP 0x140   
0x013D    a0 b507         MOV AL, [0x7b5]   
0x0140    32e4            XOR AH, AH   
0x0142    05 0007         ADD AX, 0x700   
0x0145    8bf0            MOV SI, AX   
0x0147    ac              LODSB   
0x0148    3c 00           CMP AL, 0x0   
0x014A    74 fc           JZ 0x148   
0x014C    bb 0700         MOV BX, 0x7   
0x014F    b4 0e           MOV AH, 0xe   
0x0151    cd 10           INT 0x10   
0x0153    eb f2           JMP 0x147   
0x0155    2bc9            SUB CX, CX   
0x0157    e4 64           IN AL, 0x64   
0x0159    eb 00           JMP 0x15b   
0x015B    24 02           AND AL, 0x2   
0x015D    e0 f8           LOOPNZ 0x157   
0x015F    24 02           AND AL, 0x2   
0x0161    c3              RET   
0x0162    49              DEC CX   
0x0163    6e              OUTSB   
0x0164    76 61           JBE 0x1c7   
0x0166    6c              INSB   
0x0167    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016C    72 74           JB 0x1e2   
0x016E    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0173    2074 61         AND [SI+0x61], DH   
0x0176    626c 65         BOUND BP, [SI+0x65]   
0x0179    0045 72         ADD [DI+0x72], AL   
0x017C    72 6f           JB 0x1ed   
0x017E    72 20           JB 0x1a0   
0x0180    6c              INSB   
0x0181    6f              OUTSW   
0x0182    61              POPA   
0x0183    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x0189    70 65           JO 0x1f0   
0x018B    72 61           JB 0x1ee   
0x018D    74 69           JZ 0x1f8   
0x018F    6e              OUTSB   
0x0190    67 2073 79      AND [EBX+0x79], DH   
0x0194    73 74           JAE 0x20a   
0x0196    65 6d           INS WORD GS:[DI], DX   
0x0198    004d 69         ADD [DI+0x69], CL   
0x019B    73 73           JAE 0x210   
0x019D    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A2    70 65           JO 0x209   
0x01A4    72 61           JB 0x207   
0x01A6    74 69           JZ 0x211   
0x01A8    6e              OUTSB   
0x01A9    67 2073 79      AND [EBX+0x79], DH   
0x01AD    73 74           JAE 0x223   
0x01AF    65 6d           INS WORD GS:[DI], DX   
0x01B1    0000            ADD [BX+SI], AL   
0x01B3    0000            ADD [BX+SI], AL   
0x01B5    627a 99         BOUND DI, [BP+SI-0x67]   
0x01B8    a3 2de3         MOV [0xe32d], AX   
0x01BB    1200            ADC AL, [BX+SI]   
0x01BD    0080 2021       ADD [BX+SI+0x2120], AL   
0x01C1    0007            ADD [BX], AL   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    88a1 1200       MOV [BX+DI+0x12], AH   
0x01CF    0000            ADD [BX+SI], AL   
0x01D1    0000            ADD [BX+SI], AL   
0x01D3    0000            ADD [BX+SI], AL   
0x01D5    0000            ADD [BX+SI], AL   
0x01D7    0000            ADD [BX+SI], AL   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    0000            ADD [BX+SI], AL   
0x01DD    0000            ADD [BX+SI], AL   
0x01DF    0000            ADD [BX+SI], AL   
0x01E1    0000            ADD [BX+SI], AL   
0x01E3    0000            ADD [BX+SI], AL   
0x01E5    0000            ADD [BX+SI], AL   
0x01E7    0000            ADD [BX+SI], AL   
0x01E9    0000            ADD [BX+SI], AL   
0x01EB    0000            ADD [BX+SI], AL   
0x01ED    0000            ADD [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL   

Attachments
Logy.rar
(189.56 KiB) Downloaded 43 times


Re: Please check my log - PC shutting down

#3 Post by Salat23 »

I've been playing around with Matlab intensively for the last two months; it's fine, but I can't say I enjoy it all that much :roll:

Log:



16:16:06.0265 1908	TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
16:16:06.0518 1908	============================================================
16:16:06.0518 1908	Current date / time: 2012/04/11 16:16:06.0518
16:16:06.0518 1908	SystemInfo:
16:16:06.0518 1908	
16:16:06.0519 1908	OS Version: 6.0.6000 ServicePack: 0.0
16:16:06.0519 1908	Product type: Workstation
16:16:06.0519 1908	ComputerName: SALAT-V5545
16:16:06.0519 1908	UserName: radek
16:16:06.0519 1908	Windows directory: C:\Windows
16:16:06.0519 1908	System windows directory: C:\Windows
16:16:06.0519 1908	Processor architecture: Intel x86
16:16:06.0519 1908	Number of processors: 2
16:16:06.0519 1908	Page size: 0x1000
16:16:06.0519 1908	Boot type: Normal boot
16:16:06.0519 1908	============================================================
16:16:10.0221 1908	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:16:10.0233 1908	\Device\Harddisk0\DR0:
16:16:10.0234 1908	MBR used
16:16:10.0234 1908	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
16:16:10.0291 1908	Initialize success
16:16:10.0291 1908	============================================================
16:16:41.0731 5232	============================================================
16:16:41.0731 5232	Scan started
16:16:41.0731 5232	Mode: Manual; SigCheck; TDLFS; 
16:16:41.0731 5232	============================================================
16:16:46.0015 5232	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
16:16:46.0319 5232	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
16:16:46.0493 5232	ACPI            (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
16:16:46.0529 5232	ACPI - ok
16:16:46.0613 5232	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:16:46.0625 5232	AdobeFlashPlayerUpdateSvc - ok
16:16:46.0704 5232	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
16:16:46.0749 5232	adp94xx - ok
16:16:46.0819 5232	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
16:16:46.0839 5232	adpahci - ok
16:16:46.0869 5232	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
16:16:46.0881 5232	adpu160m - ok
16:16:46.0908 5232	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
16:16:46.0922 5232	adpu320 - ok
16:16:46.0972 5232	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:16:47.0374 5232	AeLookupSvc - ok
16:16:47.0585 5232	AF15BDA         (639a9c2dab390769be8fa23854435876) C:\Windows\system32\Drivers\AF15BDA.sys
16:16:47.0711 5232	AF15BDA - ok
16:16:47.0783 5232	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
16:16:47.0809 5232	Afc ( UnsignedFile.Multi.Generic ) - warning
16:16:47.0809 5232	Afc - detected UnsignedFile.Multi.Generic (1)
16:16:47.0873 5232	AFD             (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
16:16:47.0951 5232	AFD - ok
16:16:47.0996 5232	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
16:16:48.0007 5232	agp440 - ok
16:16:48.0049 5232	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:16:48.0060 5232	aic78xx - ok
16:16:48.0259 5232	Akamai          (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
16:16:48.0260 5232	Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
16:16:48.0270 5232	Akamai ( HiddenFile.Multi.Generic ) - warning
16:16:48.0270 5232	Akamai - detected HiddenFile.Multi.Generic (1)
16:16:48.0440 5232	ALG             (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
16:16:48.0482 5232	ALG - ok
16:16:48.0540 5232	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
16:16:48.0550 5232	aliide - ok
16:16:48.0636 5232	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
16:16:48.0648 5232	amdagp - ok
16:16:48.0664 5232	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
16:16:48.0675 5232	amdide - ok
16:16:48.0711 5232	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
16:16:48.0772 5232	AmdK7 - ok
16:16:48.0796 5232	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
16:16:48.0856 5232	AmdK8 - ok
16:16:48.0917 5232	AMON            (687c3f2e78aeb209ade1cc265a2560bb) C:\Windows\system32\drivers\amon.sys
16:16:48.0961 5232	AMON - ok
16:16:49.0013 5232	Appinfo         (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
16:16:49.0078 5232	Appinfo - ok
16:16:49.0232 5232	Apple Mobile Device (a8aa9d47f971570a5162b862b80f87e8) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
16:16:49.0269 5232	Apple Mobile Device - ok
16:16:49.0539 5232	AppMgmt         (051e86735b71e8402aebc1d662f26ba2) C:\Windows\System32\appmgmts.dll
16:16:49.0617 5232	AppMgmt - ok
16:16:49.0693 5232	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
16:16:49.0705 5232	arc - ok
16:16:49.0786 5232	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
16:16:49.0797 5232	arcsas - ok
16:16:49.0848 5232	AsyncMac        (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
16:16:49.0905 5232	AsyncMac - ok
16:16:49.0952 5232	atapi           (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
16:16:49.0960 5232	atapi - ok
16:16:50.0033 5232	Ati External Event Utility (4604db6d5eca6362873cc3a76d2204ba) C:\Windows\system32\Ati2evxx.exe
16:16:50.0134 5232	Ati External Event Utility - ok
16:16:50.0305 5232	atikmdag        (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys
16:16:50.0604 5232	atikmdag - ok
16:16:50.0800 5232	AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
16:16:50.0891 5232	AudioEndpointBuilder - ok
16:16:50.0932 5232	Audiosrv        (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
16:16:50.0976 5232	Audiosrv - ok
16:16:51.0047 5232	Beep            (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
16:16:51.0117 5232	Beep - ok
16:16:51.0203 5232	BITS            (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
16:16:51.0464 5232	BITS - ok
16:16:51.0561 5232	blbdrive - ok
16:16:51.0640 5232	Bonjour Service (9efe4236f8670846b6e7c5b0eff6e715) C:\Program Files\Bonjour\mDNSResponder.exe
16:16:51.0655 5232	Bonjour Service - ok
16:16:51.0721 5232	bowser          (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
16:16:51.0783 5232	bowser - ok
16:16:51.0825 5232	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:16:51.0884 5232	BrFiltLo - ok
16:16:51.0908 5232	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:16:51.0980 5232	BrFiltUp - ok
16:16:52.0047 5232	Browser         (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
16:16:52.0108 5232	Browser - ok
16:16:52.0155 5232	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:16:52.0226 5232	Brserid - ok
16:16:52.0255 5232	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:16:52.0325 5232	BrSerWdm - ok
16:16:52.0360 5232	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:16:52.0411 5232	BrUsbMdm - ok
16:16:52.0438 5232	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:16:52.0515 5232	BrUsbSer - ok
16:16:52.0600 5232	BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
16:16:52.0704 5232	BTCFilterService - ok
16:16:52.0885 5232	BthEnum         (cf97c2d6a011ee9403b42191b5f95ba8) C:\Windows\system32\DRIVERS\BthEnum.sys
16:16:52.0960 5232	BthEnum - ok
16:16:53.0077 5232	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\DRIVERS\bthmodem.sys
16:16:53.0134 5232	BTHMODEM - ok
16:16:53.0174 5232	BthPan          (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
16:16:53.0266 5232	BthPan - ok
16:16:53.0320 5232	BTHPORT         (b4ce8000aab30a9ab16cd0fb3db4d7cf) C:\Windows\system32\Drivers\BTHport.sys
16:16:53.0351 5232	BTHPORT - ok
16:16:53.0389 5232	BthServ         (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll
16:16:53.0479 5232	BthServ - ok
16:16:53.0522 5232	BTHUSB          (9a4ddc8544c1459aa2a118a8858dade3) C:\Windows\system32\Drivers\BTHUSB.sys
16:16:53.0548 5232	BTHUSB - ok
16:16:53.0597 5232	cdfs            (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
16:16:53.0658 5232	cdfs - ok
16:16:53.0691 5232	cdrom           (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
16:16:53.0736 5232	cdrom - ok
16:16:53.0792 5232	CertPropSvc     (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
16:16:53.0851 5232	CertPropSvc - ok
16:16:53.0876 5232	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
16:16:53.0958 5232	circlass - ok
16:16:54.0002 5232	CLFS            (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
16:16:54.0020 5232	CLFS - ok
16:16:54.0097 5232	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:16:54.0112 5232	clr_optimization_v2.0.50727_32 - ok
16:16:54.0149 5232	CmBatt          (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
16:16:54.0207 5232	CmBatt - ok
16:16:54.0250 5232	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
16:16:54.0261 5232	cmdide - ok
16:16:54.0288 5232	Compbatt        (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
16:16:54.0298 5232	Compbatt - ok
16:16:54.0312 5232	COMSysApp - ok
16:16:54.0329 5232	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
16:16:54.0341 5232	crcdisk - ok
16:16:54.0369 5232	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
16:16:54.0424 5232	Crusoe - ok
16:16:54.0474 5232	CryptSvc        (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
16:16:54.0530 5232	CryptSvc - ok
16:16:54.0575 5232	CSC             (ee95a5f89766f199557e5900ce6b2d7d) C:\Windows\system32\drivers\csc.sys
16:16:54.0629 5232	CSC - ok
16:16:54.0697 5232	CscService      (68131a9a8e3f0ab5136bf386f02a3fc7) C:\Windows\System32\cscsvc.dll
16:16:54.0781 5232	CscService - ok
16:16:54.0844 5232	DcomLaunch      (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
16:16:54.0960 5232	DcomLaunch - ok
16:16:55.0035 5232	DfsC            (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
16:16:55.0098 5232	DfsC - ok
16:16:55.0211 5232	DFSR            (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
16:16:55.0416 5232	DFSR - ok
16:16:55.0520 5232	Dhcp            (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
16:16:55.0577 5232	Dhcp - ok
16:16:55.0638 5232	disk            (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
16:16:55.0650 5232	disk - ok
16:16:55.0693 5232	Dnscache        (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
16:16:55.0779 5232	Dnscache - ok
16:16:55.0823 5232	dot3svc         (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
16:16:55.0880 5232	dot3svc - ok
16:16:55.0949 5232	DPS             (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
16:16:56.0009 5232	DPS - ok
16:16:56.0070 5232	drmkaud         (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
16:16:56.0127 5232	drmkaud - ok
16:16:56.0169 5232	DXGKrnl         (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
16:16:56.0238 5232	DXGKrnl - ok
16:16:56.0289 5232	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:16:56.0347 5232	E1G60 - ok
16:16:56.0387 5232	EapHost         (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
16:16:56.0447 5232	EapHost - ok
16:16:56.0487 5232	Ecache          (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
16:16:56.0501 5232	Ecache - ok
16:16:56.0607 5232	ehRecvr         (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
16:16:56.0672 5232	ehRecvr - ok
16:16:56.0693 5232	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:16:56.0719 5232	ehSched - ok
16:16:56.0751 5232	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:16:56.0776 5232	ehstart - ok
16:16:56.0852 5232	ElbyCDFL        (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
16:16:56.0879 5232	ElbyCDFL - ok
16:16:56.0925 5232	ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
16:16:56.0935 5232	ElbyCDIO - ok
16:16:56.0995 5232	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
16:16:57.0015 5232	elxstor - ok
16:16:57.0101 5232	EMDMgmt         (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
16:16:57.0231 5232	EMDMgmt - ok
16:16:57.0310 5232	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
16:16:57.0345 5232	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
16:16:57.0345 5232	EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
16:16:57.0568 5232	EventSystem     (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
16:16:57.0620 5232	EventSystem - ok
16:16:57.0713 5232	fastfat         (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
16:16:57.0806 5232	fastfat - ok
16:16:57.0888 5232	Fax             (93f75490b02033df8edf4d7089c7e1d8) C:\Windows\system32\fxssvc.exe
16:16:57.0954 5232	Fax - ok
16:16:58.0023 5232	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
16:16:58.0086 5232	fdc - ok
16:16:58.0141 5232	fdPHost         (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
16:16:58.0193 5232	fdPHost - ok
16:16:58.0229 5232	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:16:58.0285 5232	FDResPub - ok
16:16:58.0338 5232	FileInfo        (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
16:16:58.0349 5232	FileInfo - ok
16:16:58.0372 5232	Filetrace       (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
16:16:58.0415 5232	Filetrace - ok
16:16:58.0570 5232	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
16:16:58.0725 5232	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
16:16:58.0726 5232	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
16:16:58.0808 5232	FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:16:58.0870 5232	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
16:16:58.0870 5232	FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
16:16:59.0040 5232	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
16:16:59.0112 5232	flpydisk - ok
16:16:59.0159 5232	FltMgr          (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
16:16:59.0175 5232	FltMgr - ok
16:16:59.0250 5232	FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:16:59.0261 5232	FontCache3.0.0.0 - ok
16:16:59.0302 5232	Fs_Rec          (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
16:16:59.0346 5232	Fs_Rec - ok
16:16:59.0371 5232	fvevol          (06a1cf72fbe3b50035fbff428c8d84b4) C:\Windows\system32\DRIVERS\fvevol.sys
16:16:59.0384 5232	fvevol - ok
16:16:59.0417 5232	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
16:16:59.0429 5232	gagp30kx - ok
16:16:59.0511 5232	GEARAspiWDM     (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
16:16:59.0520 5232	GEARAspiWDM - ok
16:16:59.0585 5232	ggflt           (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
16:16:59.0594 5232	ggflt - ok
16:16:59.0611 5232	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
16:16:59.0620 5232	ggsemc - ok
16:16:59.0675 5232	gpsvc           (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
16:16:59.0826 5232	gpsvc - ok
16:16:59.0963 5232	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:16:59.0973 5232	gupdate - ok
16:16:59.0995 5232	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:17:00.0003 5232	gupdatem - ok
16:17:00.0069 5232	gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:17:00.0084 5232	gusvc - ok
16:17:00.0280 5232	hamachi         (7929a161f9951d173ca9900fe7067391) C:\Windows\system32\DRIVERS\hamachi.sys
16:17:00.0289 5232	hamachi - ok
16:17:00.0345 5232	HdAudAddService (743e5199a34101a3ee444df5f74d0311) C:\Windows\system32\drivers\CHDART.sys
16:17:00.0423 5232	HdAudAddService - ok
16:17:00.0466 5232	HDAudBus        (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:17:00.0511 5232	HDAudBus - ok
16:17:00.0559 5232	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\DRIVERS\hidbth.sys
16:17:00.0618 5232	HidBth - ok
16:17:00.0655 5232	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:17:00.0733 5232	HidIr - ok
16:17:00.0789 5232	hidserv         (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
16:17:00.0845 5232	hidserv - ok
16:17:00.0883 5232	HidUsb          (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
16:17:00.0940 5232	HidUsb - ok
16:17:00.0980 5232	hkmsvc          (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
16:17:01.0059 5232	hkmsvc - ok
16:17:01.0106 5232	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
16:17:01.0117 5232	HpCISSs - ok
16:17:01.0196 5232	HssDrv          (30858b2d6dc0d8ed044dc28011ade6a2) C:\Windows\system32\DRIVERS\HssDrv.sys
16:17:01.0206 5232	HssDrv - ok
16:17:01.0337 5232	HssSrv          (d5687c8c02df0eb4687b044a10df5cb4) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
16:17:01.0387 5232	HssSrv ( UnsignedFile.Multi.Generic ) - warning
16:17:01.0388 5232	HssSrv - detected UnsignedFile.Multi.Generic (1)
16:17:01.0443 5232	HssTrayService  (e77759a567c903fa719a4396135c7373) C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
16:17:01.0479 5232	HssTrayService ( UnsignedFile.Multi.Generic ) - warning
16:17:01.0479 5232	HssTrayService - detected UnsignedFile.Multi.Generic (1)
16:17:01.0662 5232	HTTP            (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
16:17:01.0758 5232	HTTP - ok
16:17:01.0825 5232	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
16:17:01.0836 5232	i2omp - ok
16:17:01.0964 5232	i8042prt        (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
16:17:02.0024 5232	i8042prt - ok
16:17:02.0059 5232	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
16:17:02.0076 5232	iaStorV - ok
16:17:02.0202 5232	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
16:17:02.0237 5232	IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:17:02.0237 5232	IDriverT - detected UnsignedFile.Multi.Generic (1)
16:17:02.0331 5232	idsvc           (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:17:02.0415 5232	idsvc - ok
16:17:02.0500 5232	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:17:02.0511 5232	iirsp - ok
16:17:02.0574 5232	IKEEXT          (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
16:17:02.0639 5232	IKEEXT - ok
16:17:02.0683 5232	intelide        (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
16:17:02.0694 5232	intelide - ok
16:17:02.0730 5232	intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
16:17:02.0786 5232	intelppm - ok
16:17:02.0825 5232	IPBusEnum       (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
16:17:02.0885 5232	IPBusEnum - ok
16:17:02.0913 5232	IpFilterDriver  (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:17:02.0998 5232	IpFilterDriver - ok
16:17:03.0012 5232	IpInIp - ok
16:17:03.0042 5232	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
16:17:03.0087 5232	IPMIDRV - ok
16:17:03.0117 5232	IPNAT           (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
16:17:03.0177 5232	IPNAT - ok
16:17:03.0293 5232	iPod Service    (62937a89470af8ff172f0980ca8aefc9) C:\Program Files\iPod\bin\iPodService.exe
16:17:03.0327 5232	iPod Service - ok
16:17:03.0363 5232	IRENUM          (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
16:17:03.0406 5232	IRENUM - ok
16:17:03.0437 5232	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
16:17:03.0448 5232	isapnp - ok
16:17:03.0475 5232	iScsiPrt        (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
16:17:03.0505 5232	iScsiPrt - ok
16:17:03.0544 5232	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:17:03.0555 5232	iteatapi - ok
16:17:03.0581 5232	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:17:03.0593 5232	iteraid - ok
16:17:03.0652 5232	k750bus         (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
16:17:03.0707 5232	k750bus - ok
16:17:03.0746 5232	kbdclass        (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
16:17:03.0776 5232	kbdclass - ok
16:17:03.0814 5232	kbdhid          (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
16:17:03.0855 5232	kbdhid - ok
16:17:03.0880 5232	KeyIso          (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:03.0952 5232	KeyIso - ok
16:17:04.0014 5232	KSecDD          (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
16:17:04.0064 5232	KSecDD - ok
16:17:04.0118 5232	KtmRm           (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
16:17:04.0205 5232	KtmRm - ok
16:17:04.0254 5232	LanmanServer    (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
16:17:04.0349 5232	LanmanServer - ok
16:17:04.0407 5232	LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
16:17:04.0494 5232	LanmanWorkstation - ok
16:17:04.0547 5232	lltdio          (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
16:17:04.0602 5232	lltdio - ok
16:17:04.0643 5232	lltdsvc         (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
16:17:04.0692 5232	lltdsvc - ok
16:17:04.0725 5232	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:17:04.0778 5232	lmhosts - ok
16:17:04.0805 5232	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
16:17:04.0817 5232	LSI_FC - ok
16:17:04.0837 5232	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
16:17:04.0849 5232	LSI_SAS - ok
16:17:04.0886 5232	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
16:17:04.0898 5232	LSI_SCSI - ok
16:17:04.0919 5232	luafv           (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
16:17:04.0982 5232	luafv - ok
16:17:05.0039 5232	MarvinBus       (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
16:17:05.0074 5232	MarvinBus - ok
16:17:05.0114 5232	Mcx2Svc         (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
16:17:05.0179 5232	Mcx2Svc - ok
16:17:05.0274 5232	MDM             (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:17:05.0330 5232	MDM ( UnsignedFile.Multi.Generic ) - warning
16:17:05.0330 5232	MDM - detected UnsignedFile.Multi.Generic (1)
16:17:05.0483 5232	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
16:17:05.0493 5232	megasas - ok
16:17:05.0580 5232	MMCSS           (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
16:17:05.0632 5232	MMCSS - ok
16:17:05.0680 5232	Modem           (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
16:17:05.0722 5232	Modem - ok
16:17:05.0768 5232	monitor         (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
16:17:05.0818 5232	monitor - ok
16:17:05.0877 5232	motccgp         (f4ea1193a52c8fe4b8a135e210abe546) C:\Windows\system32\DRIVERS\motccgp.sys
16:17:05.0980 5232	motccgp - ok
16:17:06.0014 5232	motccgpfl       (b812da6605caf02641312f1f65c75419) C:\Windows\system32\DRIVERS\motccgpfl.sys
16:17:06.0033 5232	motccgpfl - ok
16:17:06.0059 5232	MotDev          (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
16:17:06.0113 5232	MotDev - ok
16:17:06.0187 5232	motmodem        (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
16:17:06.0262 5232	motmodem - ok
16:17:06.0349 5232	MotoHelper      (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
16:17:06.0362 5232	MotoHelper - ok
16:17:06.0553 5232	MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
16:17:06.0609 5232	MotoSwitchService - ok
16:17:06.0642 5232	Motousbnet      (ddc489d40b49f443787e7ffa75373522) C:\Windows\system32\DRIVERS\Motousbnet.sys
16:17:06.0687 5232	Motousbnet - ok
16:17:06.0751 5232	motusbdevice    (f18898d418f43e74a93edc57e1f28bc9) C:\Windows\system32\DRIVERS\motusbdevice.sys
16:17:06.0796 5232	motusbdevice - ok
16:17:06.0845 5232	mouclass        (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
16:17:06.0856 5232	mouclass - ok
16:17:06.0881 5232	mouhid          (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
16:17:06.0905 5232	mouhid - ok
16:17:06.0942 5232	MountMgr        (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
16:17:06.0953 5232	MountMgr - ok
16:17:06.0986 5232	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
16:17:06.0998 5232	mpio - ok
16:17:07.0081 5232	mpsdrv          (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
16:17:07.0120 5232	mpsdrv - ok
16:17:07.0149 5232	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:17:07.0160 5232	Mraid35x - ok
16:17:07.0222 5232	MRxDAV          (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
16:17:07.0311 5232	MRxDAV - ok
16:17:07.0390 5232	mrxsmb          (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:17:07.0430 5232	mrxsmb - ok
16:17:07.0468 5232	mrxsmb10        (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:17:07.0522 5232	mrxsmb10 - ok
16:17:07.0569 5232	mrxsmb20        (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:17:07.0592 5232	mrxsmb20 - ok
16:17:07.0645 5232	msahci          (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
16:17:07.0656 5232	msahci - ok
16:17:07.0694 5232	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
16:17:07.0706 5232	msdsm - ok
16:17:07.0752 5232	MSDTC           (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
16:17:07.0784 5232	MSDTC - ok
16:17:07.0820 5232	Msfs            (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
16:17:07.0864 5232	Msfs - ok
16:17:07.0908 5232	msisadrv        (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
16:17:07.0918 5232	msisadrv - ok
16:17:07.0980 5232	MSiSCSI         (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
16:17:08.0041 5232	MSiSCSI - ok
16:17:08.0057 5232	msiserver - ok
16:17:08.0087 5232	MSKSSRV         (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
16:17:08.0147 5232	MSKSSRV - ok
16:17:08.0163 5232	MSPCLOCK        (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
16:17:08.0237 5232	MSPCLOCK - ok
16:17:08.0253 5232	MSPQM           (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
16:17:08.0327 5232	MSPQM - ok
16:17:08.0359 5232	MsRPC           (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
16:17:08.0374 5232	MsRPC - ok
16:17:08.0401 5232	mssmbios        (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
16:17:08.0434 5232	mssmbios - ok
16:17:08.0472 5232	MSTEE           (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
16:17:08.0525 5232	MSTEE - ok
16:17:08.0566 5232	Mup             (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
16:17:08.0577 5232	Mup - ok
16:17:08.0628 5232	napagent        (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
16:17:08.0677 5232	napagent - ok
16:17:08.0757 5232	NativeWifiP     (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
16:17:08.0806 5232	NativeWifiP - ok
16:17:08.0867 5232	NDIS            (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
16:17:08.0892 5232	NDIS - ok
16:17:08.0960 5232	NdisTapi        (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
16:17:08.0991 5232	NdisTapi - ok
16:17:09.0021 5232	Ndisuio         (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
16:17:09.0066 5232	Ndisuio - ok
16:17:09.0093 5232	NdisWan         (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
16:17:09.0154 5232	NdisWan - ok
16:17:09.0213 5232	NDProxy         (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
16:17:09.0235 5232	NDProxy - ok
16:17:09.0268 5232	NetBIOS         (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
16:17:09.0312 5232	NetBIOS - ok
16:17:09.0337 5232	netbt           (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
16:17:09.0387 5232	netbt - ok
16:17:09.0429 5232	Netlogon        (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:09.0461 5232	Netlogon - ok
16:17:09.0530 5232	Netman          (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
16:17:09.0597 5232	Netman - ok
16:17:09.0637 5232	netprofm        (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
16:17:09.0685 5232	netprofm - ok
16:17:09.0766 5232	NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:17:09.0778 5232	NetTcpPortSharing - ok
16:17:09.0910 5232	NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
16:17:10.0085 5232	NETw4v32 - ok
16:17:10.0127 5232	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:17:10.0161 5232	nfrd960 - ok
16:17:10.0206 5232	nipsvc          (11028c6a84a967070cb1286550f2058f) C:\Windows\system32\remoteregistry.dll
16:17:10.0209 5232	nipsvc ( Backdoor.Multi.ZAccess.gen ) - infected
16:17:10.0209 5232	nipsvc - detected Backdoor.Multi.ZAccess.gen (0)
16:17:10.0245 5232	NlaSvc          (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
16:17:10.0300 5232	NlaSvc - ok
16:17:10.0362 5232	NMIndexingService - ok
16:17:10.0558 5232	nod32drv        (b4ea8cba9a69d0921b7bd89c8cf9e032) C:\Windows\system32\drivers\nod32drv.sys
16:17:10.0567 5232	nod32drv - ok
16:17:10.0618 5232	NOD32krn        (7da9d9593081cb76fccdab3f14438370) C:\Program Files\Eset\nod32krn.exe
16:17:10.0644 5232	NOD32krn ( UnsignedFile.Multi.Generic ) - warning
16:17:10.0644 5232	NOD32krn - detected UnsignedFile.Multi.Generic (1)
16:17:10.0861 5232	NPF             (b15e0180c43d8b5219196d76878cc2dd) C:\Windows\system32\drivers\npf.sys
16:17:10.0871 5232	NPF - ok
16:17:10.0934 5232	Npfs            (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
16:17:10.0994 5232	Npfs - ok
16:17:11.0051 5232	nsi             (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
16:17:11.0111 5232	nsi - ok
16:17:11.0145 5232	nsiproxy        (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
16:17:11.0215 5232	nsiproxy - ok
16:17:11.0307 5232	Ntfs            (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
16:17:11.0405 5232	Ntfs - ok
16:17:11.0455 5232	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:17:11.0511 5232	ntrigdigi - ok
16:17:11.0547 5232	Null            (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
16:17:11.0606 5232	Null - ok
16:17:11.0636 5232	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
16:17:11.0661 5232	nvraid - ok
16:17:11.0709 5232	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
16:17:11.0778 5232	nvstor - ok
16:17:11.0905 5232	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
16:17:11.0921 5232	nv_agp - ok
16:17:11.0945 5232	NwlnkFlt - ok
16:17:11.0960 5232	NwlnkFwd - ok
16:17:12.0095 5232	odserv          (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:17:12.0123 5232	odserv - ok
16:17:12.0177 5232	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
16:17:12.0226 5232	ohci1394 - ok
16:17:12.0288 5232	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:17:12.0303 5232	ose - ok
16:17:12.0399 5232	p2pimsvc        (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:12.0477 5232	p2pimsvc - ok
16:17:12.0493 5232	p2psvc          (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:12.0517 5232	p2psvc - ok
16:17:12.0599 5232	PAC207          (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
16:17:12.0658 5232	PAC207 - ok
16:17:12.0703 5232	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:17:12.0755 5232	Parport - ok
16:17:12.0789 5232	partmgr         (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
16:17:12.0800 5232	partmgr - ok
16:17:12.0821 5232	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:17:12.0877 5232	Parvdm - ok
16:17:12.0909 5232	PcaSvc          (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
16:17:12.0974 5232	PcaSvc - ok
16:17:13.0013 5232	pci             (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
16:17:13.0023 5232	pci - ok
16:17:13.0046 5232	pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
16:17:13.0057 5232	pciide - ok
16:17:13.0090 5232	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:17:13.0106 5232	pcmcia - ok
16:17:13.0164 5232	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:17:13.0265 5232	PEAUTH - ok
16:17:13.0331 5232	pfc             (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
16:17:13.0337 5232	pfc ( UnsignedFile.Multi.Generic ) - warning
16:17:13.0337 5232	pfc - detected UnsignedFile.Multi.Generic (1)
16:17:13.0420 5232	pla             (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
16:17:13.0614 5232	pla - ok
16:17:13.0649 5232	PlugPlay        (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
16:17:13.0675 5232	PlugPlay - ok
16:17:13.0721 5232	PNRPAutoReg     (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:13.0789 5232	PNRPAutoReg - ok
16:17:13.0833 5232	PNRPsvc         (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:13.0872 5232	PNRPsvc - ok
16:17:13.0940 5232	PolicyAgent     (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
16:17:14.0012 5232	PolicyAgent - ok
16:17:14.0092 5232	PptpMiniport    (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
16:17:14.0136 5232	PptpMiniport - ok
16:17:14.0206 5232	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
16:17:14.0250 5232	Processor - ok
16:17:14.0298 5232	ProfSvc         (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
16:17:14.0375 5232	ProfSvc - ok
16:17:14.0415 5232	ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:14.0428 5232	ProtectedStorage - ok
16:17:14.0481 5232	PSched          (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
16:17:14.0513 5232	PSched - ok
16:17:14.0582 5232	PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
16:17:14.0592 5232	PxHelp20 - ok
16:17:14.0658 5232	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
16:17:14.0742 5232	ql2300 - ok
16:17:14.0779 5232	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:17:14.0791 5232	ql40xx - ok
16:17:14.0834 5232	QWAVE           (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
16:17:14.0870 5232	QWAVE - ok
16:17:14.0896 5232	QWAVEdrv        (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
16:17:14.0920 5232	QWAVEdrv - ok
16:17:14.0967 5232	RasAcd          (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
16:17:15.0017 5232	RasAcd - ok
16:17:15.0101 5232	RasAuto         (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
16:17:15.0147 5232	RasAuto - ok
16:17:15.0198 5232	Rasl2tp         (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:17:15.0257 5232	Rasl2tp - ok
16:17:15.0301 5232	RasMan          (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
16:17:15.0367 5232	RasMan - ok
16:17:15.0394 5232	RasPppoe        (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
16:17:15.0464 5232	RasPppoe - ok
16:17:15.0507 5232	rdbss           (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
16:17:15.0572 5232	rdbss - ok
16:17:15.0607 5232	RDPCDD          (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:17:15.0661 5232	RDPCDD - ok
16:17:15.0698 5232	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\DRIVERS\rdpdr.sys
16:17:15.0788 5232	rdpdr - ok
16:17:15.0816 5232	RDPENCDD        (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
16:17:15.0870 5232	RDPENCDD - ok
16:17:15.0905 5232	RDPWD           (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
16:17:15.0952 5232	RDPWD - ok
16:17:16.0025 5232	RemoteAccess    (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
16:17:16.0081 5232	RemoteAccess - ok
16:17:16.0126 5232	RemoteRegistry  (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
16:17:16.0185 5232	RemoteRegistry - ok
16:17:16.0257 5232	Revoflt         (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
16:17:16.0266 5232	Revoflt - ok
16:17:16.0309 5232	RFCOMM          (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
16:17:16.0371 5232	RFCOMM - ok
16:17:16.0436 5232	RMCAST          (8804bcb4383859f66ffd51f049a1d744) C:\Windows\system32\DRIVERS\RMCAST.sys
16:17:16.0481 5232	RMCAST - ok
16:17:16.0544 5232	rpcapd          (9ed13880478f14900a5840ff048d174c) C:\Program Files\WinPcap\rpcapd.exe
16:17:16.0556 5232	rpcapd - ok
16:17:16.0593 5232	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:17:16.0622 5232	RpcLocator - ok
16:17:16.0681 5232	RpcSs           (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
16:17:16.0752 5232	RpcSs - ok
16:17:16.0817 5232	rspndr          (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
16:17:16.0864 5232	rspndr - ok
16:17:16.0913 5232	RTL8169         (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys
16:17:16.0966 5232	RTL8169 - ok
16:17:17.0030 5232	RTSTOR          (e845f4d709c456992f11d2acf321bced) C:\Windows\system32\drivers\RTSTOR.SYS
16:17:17.0076 5232	RTSTOR - ok
16:17:17.0115 5232	s115bus         (e1ab463b36a7ef31d8a73a97a9b57afa) C:\Windows\system32\DRIVERS\s115bus.sys
16:17:17.0126 5232	s115bus - ok
16:17:17.0190 5232	s115mdfl        (e24113fc13b8737c94cf4e3415488c76) C:\Windows\system32\DRIVERS\s115mdfl.sys
16:17:17.0199 5232	s115mdfl - ok
16:17:17.0267 5232	s115mdm         (4029e49e7c673aa0670bd206b0af1b5b) C:\Windows\system32\DRIVERS\s115mdm.sys
16:17:17.0278 5232	s115mdm - ok
16:17:17.0308 5232	s115mgmt        (eb02ab4ca8bccecfde236cad8fc6e135) C:\Windows\system32\DRIVERS\s115mgmt.sys
16:17:17.0319 5232	s115mgmt - ok
16:17:17.0376 5232	s115obex        (089869db9ffd2ac807fa87fe82ac7761) C:\Windows\system32\DRIVERS\s115obex.sys
16:17:17.0388 5232	s115obex - ok
16:17:17.0425 5232	SamSs           (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:17.0458 5232	SamSs - ok
16:17:17.0504 5232	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:17:17.0541 5232	sbp2port - ok
16:17:17.0593 5232	SCardSvr        (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
16:17:17.0656 5232	SCardSvr - ok
16:17:17.0723 5232	Schedule        (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
16:17:17.0782 5232	Schedule - ok
16:17:17.0862 5232	SCPolicySvc     (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
16:17:17.0902 5232	SCPolicySvc - ok
16:17:17.0942 5232	SDRSVC          (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
16:17:18.0023 5232	SDRSVC - ok
16:17:18.0077 5232	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:17:18.0120 5232	secdrv - ok
16:17:18.0140 5232	seclogon        (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
16:17:18.0187 5232	seclogon - ok
16:17:18.0232 5232	seehcri         (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
16:17:18.0270 5232	seehcri - ok
16:17:18.0310 5232	SENS            (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
16:17:18.0369 5232	SENS - ok
16:17:18.0520 5232	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:17:18.0571 5232	Serenum - ok
16:17:18.0604 5232	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:17:18.0680 5232	Serial - ok
16:17:18.0736 5232	sermouse        (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
16:17:18.0760 5232	sermouse - ok
16:17:18.0804 5232	SessionEnv      (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
16:17:18.0859 5232	SessionEnv - ok
16:17:18.0883 5232	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
16:17:18.0926 5232	sffdisk - ok
16:17:18.0943 5232	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
16:17:18.0987 5232	sffp_mmc - ok
16:17:19.0008 5232	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
16:17:19.0065 5232	sffp_sd - ok
16:17:19.0082 5232	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:17:19.0143 5232	sfloppy - ok
16:17:19.0187 5232	SharedAccess    (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
16:17:19.0221 5232	SharedAccess - ok
16:17:19.0253 5232	ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
16:17:19.0337 5232	ShellHWDetection - ok
16:17:19.0366 5232	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
16:17:19.0378 5232	sisagp - ok
16:17:19.0397 5232	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
16:17:19.0409 5232	SiSRaid2 - ok
16:17:19.0436 5232	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
16:17:19.0448 5232	SiSRaid4 - ok
16:17:19.0541 5232	SkypeUpdate     (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
16:17:19.0569 5232	SkypeUpdate - ok
16:17:19.0672 5232	slsvc           (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
16:17:20.0094 5232	slsvc - ok
16:17:20.0249 5232	SLUINotify      (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
16:17:20.0276 5232	SLUINotify - ok
16:17:20.0345 5232	Smb             (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
16:17:20.0415 5232	Smb - ok
16:17:20.0493 5232	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:17:20.0508 5232	SNMPTRAP - ok
16:17:20.0529 5232	spldr           (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
16:17:20.0539 5232	spldr - ok
16:17:20.0573 5232	Spooler         (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
16:17:20.0590 5232	Spooler - ok
16:17:20.0643 5232	sptd            (d390675b8ce45e5fb359338e5e649329) C:\Windows\system32\Drivers\sptd.sys
16:17:20.0643 5232	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
16:17:20.0645 5232	sptd ( LockedFile.Multi.Generic ) - warning
16:17:20.0646 5232	sptd - detected LockedFile.Multi.Generic (1)
16:17:20.0707 5232	srv             (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
16:17:20.0770 5232	srv - ok
16:17:20.0828 5232	srv2            (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
16:17:20.0887 5232	srv2 - ok
16:17:20.0935 5232	srvnet          (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
16:17:20.0950 5232	srvnet - ok
16:17:20.0991 5232	SSDPSRV         (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
16:17:21.0039 5232	SSDPSRV - ok
16:17:21.0079 5232	stisvc          (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
16:17:21.0111 5232	stisvc - ok
16:17:21.0161 5232	swenum          (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
16:17:21.0172 5232	swenum - ok
16:17:21.0215 5232	swprv           (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
16:17:21.0282 5232	swprv - ok
16:17:21.0309 5232	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:17:21.0321 5232	Symc8xx - ok
16:17:21.0351 5232	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:17:21.0363 5232	Sym_hi - ok
16:17:21.0392 5232	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:17:21.0403 5232	Sym_u3 - ok
16:17:21.0466 5232	SysMain         (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
16:17:21.0559 5232	SysMain - ok
16:17:21.0641 5232	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:17:21.0658 5232	TabletInputService - ok
16:17:21.0712 5232	tap0901         (34f1bcb847a924a161422f106a79b9ff) C:\Windows\system32\DRIVERS\tap0901.sys
16:17:21.0769 5232	tap0901 ( UnsignedFile.Multi.Generic ) - warning
16:17:21.0769 5232	tap0901 - detected UnsignedFile.Multi.Generic (1)
16:17:21.0833 5232	taphss          (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
16:17:21.0841 5232	taphss - ok
16:17:21.0870 5232	TapiSrv         (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
16:17:21.0917 5232	TapiSrv - ok
16:17:21.0939 5232	TBS             (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
16:17:21.0999 5232	TBS - ok
16:17:22.0053 5232	Tcpip           (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
16:17:22.0137 5232	Tcpip - ok
16:17:22.0168 5232	Tcpip6          (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
16:17:22.0195 5232	Tcpip6 - ok
16:17:22.0256 5232	tcpipreg        (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
16:17:22.0315 5232	tcpipreg - ok
16:17:22.0342 5232	TDPIPE          (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
16:17:22.0398 5232	TDPIPE - ok
16:17:22.0425 5232	TDTCP           (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
16:17:22.0470 5232	TDTCP - ok
16:17:22.0498 5232	tdx             (f330bfc88cc2d714ea317590b9445723) C:\Windows\system32\DRIVERS\tdx.sys
16:17:22.0503 5232	tdx ( Virus.Win32.ZAccess.k ) - infected
16:17:22.0503 5232	tdx - detected Virus.Win32.ZAccess.k (0)
16:17:22.0528 5232	TermDD          (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
16:17:22.0541 5232	TermDD - ok
16:17:22.0600 5232	TermService     (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
16:17:22.0658 5232	TermService - ok
16:17:22.0697 5232	Themes          (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
16:17:22.0714 5232	Themes - ok
16:17:22.0752 5232	THREADORDER     (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
16:17:22.0796 5232	THREADORDER - ok
16:17:22.0878 5232	TimerStop       (6a4e028caa0723b293b26cd3a55a888b) C:\Windows\system32\timerstop.sys
16:17:22.0885 5232	TimerStop ( UnsignedFile.Multi.Generic ) - warning
16:17:22.0885 5232	TimerStop - detected UnsignedFile.Multi.Generic (1)
16:17:22.0915 5232	TrkWks          (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
16:17:22.0967 5232	TrkWks - ok
16:17:23.0024 5232	TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
16:17:23.0051 5232	TrustedInstaller - ok
16:17:23.0131 5232	tssecsrv        (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:17:23.0193 5232	tssecsrv - ok
16:17:23.0245 5232	tunmp           (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
16:17:23.0259 5232	tunmp - ok
16:17:23.0290 5232	tunnel          (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
16:17:23.0321 5232	tunnel - ok
16:17:23.0356 5232	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
16:17:23.0369 5232	uagp35 - ok
16:17:23.0396 5232	udfs            (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
16:17:23.0445 5232	udfs - ok
16:17:23.0489 5232	UI0Detect       (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
16:17:23.0505 5232	UI0Detect - ok
16:17:23.0527 5232	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
16:17:23.0539 5232	uliagpkx - ok
16:17:23.0567 5232	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
16:17:23.0586 5232	uliahci - ok
16:17:23.0620 5232	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:17:23.0632 5232	UlSata - ok
16:17:23.0656 5232	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:17:23.0669 5232	ulsata2 - ok
16:17:23.0692 5232	umbus           (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
16:17:23.0736 5232	umbus - ok
16:17:23.0768 5232	UmRdpService    (cfbb746c889b9223d2ac268cf283a93e) C:\Windows\System32\umrdp.dll
16:17:23.0827 5232	UmRdpService - ok
16:17:23.0864 5232	upnphost        (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
16:17:23.0931 5232	upnphost - ok
16:17:24.0000 5232	USBAAPL         (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\Windows\system32\Drivers\usbaapl.sys
16:17:24.0051 5232	USBAAPL - ok
16:17:24.0118 5232	usbaudio        (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys
16:17:24.0176 5232	usbaudio - ok
16:17:24.0225 5232	usbccgp         (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
16:17:24.0301 5232	usbccgp - ok
16:17:24.0392 5232	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:17:24.0446 5232	usbcir - ok
16:17:24.0498 5232	usbehci         (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
16:17:24.0527 5232	usbehci - ok
16:17:24.0573 5232	usbhub          (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
16:17:24.0591 5232	usbhub - ok
16:17:24.0621 5232	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
16:17:24.0665 5232	usbohci - ok
16:17:24.0688 5232	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
16:17:24.0746 5232	usbprint - ok
16:17:24.0781 5232	USBSTOR         (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:17:24.0828 5232	USBSTOR - ok
16:17:24.0863 5232	usbuhci         (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:17:24.0886 5232	usbuhci - ok
16:17:24.0932 5232	usbvideo        (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
16:17:24.0979 5232	usbvideo - ok
16:17:25.0033 5232	UxSms           (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
16:17:25.0087 5232	UxSms - ok
16:17:25.0126 5232	UxTuneUp        (d3986793dedc6bb93db4da5a793e42ce) C:\Windows\System32\uxtuneup.dll
16:17:25.0137 5232	UxTuneUp - ok
16:17:25.0201 5232	vds             (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
16:17:25.0229 5232	vds - ok
16:17:25.0312 5232	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
16:17:25.0370 5232	vga - ok
16:17:25.0410 5232	VgaSave         (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
16:17:25.0455 5232	VgaSave - ok
16:17:25.0489 5232	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
16:17:25.0500 5232	viaagp - ok
16:17:25.0527 5232	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
16:17:25.0584 5232	ViaC7 - ok
16:17:25.0613 5232	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
16:17:25.0624 5232	viaide - ok
16:17:25.0648 5232	volmgr          (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
16:17:25.0659 5232	volmgr - ok
16:17:25.0695 5232	volmgrx         (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
16:17:25.0713 5232	volmgrx - ok
16:17:25.0753 5232	volsnap         (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
16:17:25.0771 5232	volsnap - ok
16:17:25.0802 5232	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
16:17:25.0815 5232	vsmraid - ok
16:17:25.0881 5232	VSS             (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
16:17:25.0934 5232	VSS - ok
16:17:26.0056 5232	vvdsvc          (9e8c7a7b8a98e4f6ccbbf9f88a1c111f) C:\Windows\system32\nagasoft\vjocx.dll
16:17:26.0315 5232	vvdsvc - ok
16:17:26.0378 5232	W32Time         (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
16:17:26.0428 5232	W32Time - ok
16:17:26.0475 5232	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:17:26.0520 5232	WacomPen - ok
16:17:26.0646 5232	wampapache      (375640f39f2d613b6fdcf8c2f956205a) c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
16:17:26.0681 5232	wampapache ( UnsignedFile.Multi.Generic ) - warning
16:17:26.0681 5232	wampapache - detected UnsignedFile.Multi.Generic (1)
16:17:26.0723 5232	wampmysqld - ok
16:17:26.0898 5232	Wanarp          (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
16:17:26.0928 5232	Wanarp - ok
16:17:26.0933 5232	Wanarpv6        (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
16:17:26.0944 5232	Wanarpv6 - ok
16:17:27.0018 5232	wbengine        (6d2f099d4ce88777e46cb1808c87b132) C:\Windows\system32\wbengine.exe
16:17:27.0133 5232	wbengine - ok
16:17:27.0195 5232	wcncsvc         (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
16:17:27.0216 5232	wcncsvc - ok
16:17:27.0242 5232	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:17:27.0290 5232	WcsPlugInService - ok
16:17:27.0341 5232	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
16:17:27.0352 5232	Wd - ok
16:17:27.0406 5232	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
16:17:27.0435 5232	Wdf01000 - ok
16:17:27.0482 5232	WdiServiceHost  (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
16:17:27.0524 5232	WdiServiceHost - ok
16:17:27.0529 5232	WdiSystemHost   (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
16:17:27.0544 5232	WdiSystemHost - ok
16:17:27.0598 5232	WebClient       (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
16:17:27.0626 5232	WebClient - ok
16:17:27.0661 5232	Wecsvc          (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
16:17:27.0709 5232	Wecsvc - ok
16:17:27.0730 5232	wercplsupport   (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
16:17:27.0804 5232	wercplsupport - ok
16:17:27.0856 5232	WerSvc          (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
16:17:27.0903 5232	WerSvc - ok
16:17:27.0911 5232	WinHttpAutoProxySvc - ok
16:17:27.0986 5232	Winmgmt         (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
16:17:28.0032 5232	Winmgmt - ok
16:17:28.0080 5232	WinRM           (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
16:17:28.0192 5232	WinRM - ok
16:17:28.0265 5232	Wlansvc         (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
16:17:28.0407 5232	Wlansvc - ok
16:17:28.0470 5232	WmiAcpi         (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:17:28.0497 5232	WmiAcpi - ok
16:17:28.0570 5232	wmiApSrv        (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
16:17:28.0584 5232	wmiApSrv - ok
16:17:28.0671 5232	WMPNetworkSvc   (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:17:28.0824 5232	WMPNetworkSvc - ok
16:17:28.0996 5232	WPCSvc          (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
16:17:29.0069 5232	WPCSvc - ok
16:17:29.0133 5232	WPDBusEnum      (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
16:17:29.0186 5232	WPDBusEnum - ok
16:17:29.0287 5232	WpdUsb          (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
16:17:29.0347 5232	WpdUsb - ok
16:17:29.0387 5232	ws2ifsl         (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
16:17:29.0446 5232	ws2ifsl - ok
16:17:29.0520 5232	WSDPrintDevice  (f01f25b4227ad8d717c21f25f62b43c8) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:17:29.0564 5232	WSDPrintDevice - ok
16:17:29.0620 5232	WSDScan         (ff6e0448dc0d2b588e9300fc474558fd) C:\Windows\system32\DRIVERS\WSDScan.sys
16:17:29.0667 5232	WSDScan - ok
16:17:29.0683 5232	WSearch - ok
16:17:29.0774 5232	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:17:29.0926 5232	wuauserv - ok
16:17:29.0988 5232	WUDFRd          (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:17:30.0043 5232	WUDFRd - ok
16:17:30.0085 5232	wudfsvc         (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
16:17:30.0146 5232	wudfsvc - ok
16:17:30.0176 5232	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:17:30.0355 5232	\Device\Harddisk0\DR0 - ok
16:17:30.0359 5232	Boot (0x1200)   (74616604de750d65da10dd5ec44b0e52) \Device\Harddisk0\DR0\Partition0
16:17:30.0361 5232	\Device\Harddisk0\DR0\Partition0 - ok
16:17:30.0361 5232	============================================================
16:17:30.0361 5232	Scan finished
16:17:30.0361 5232	============================================================
16:17:30.0372 6108	Detected object count: 17
16:17:30.0372 6108	Actual detected object count: 17
16:18:40.0231 6108	Afc ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0231 6108	Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0231 6108	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:18:40.0232 6108	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
16:18:40.0233 6108	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0233 6108	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0234 6108	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0234 6108	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0236 6108	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0236 6108	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0237 6108	HssSrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0237 6108	HssSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0238 6108	HssTrayService ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0238 6108	HssTrayService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0240 6108	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0240 6108	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0241 6108	MDM ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0241 6108	MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0242 6108	nipsvc ( Backdoor.Multi.ZAccess.gen ) - skipped by user
16:18:40.0243 6108	nipsvc ( Backdoor.Multi.ZAccess.gen ) - User select action: Skip 
16:18:40.0244 6108	NOD32krn ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0244 6108	NOD32krn ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0245 6108	pfc ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0245 6108	pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0247 6108	sptd ( LockedFile.Multi.Generic ) - skipped by user
16:18:40.0247 6108	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0248 6108	tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0248 6108	tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0249 6108	tdx ( Virus.Win32.ZAccess.k ) - skipped by user
16:18:40.0250 6108	tdx ( Virus.Win32.ZAccess.k ) - User select action: Skip 
16:18:40.0251 6108	TimerStop ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0251 6108	TimerStop ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0252 6108	wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0253 6108	wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip


Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

Re: Please check my log - PC shutting down

#4 Post by Salat23 »

For nipsvc ( Backdoor.Multi.ZAccess.gen ) the only option I get is Delete; there is no Cure. Should I delete it?

I have no idea where I picked up the parasite. Do you know roughly where it usually comes from? And can you tell from the logs approximately when I caught it?

Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

Re: Please check my log - PC shutting down

#5 Post by Salat23 »

Done, here is the log after the restart:



19:51:54.0357 5628 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
19:51:54.0502 5628 ============================================================
19:51:54.0502 5628 Current date / time: 2012/04/11 19:51:54.0502
19:51:54.0502 5628 SystemInfo:
19:51:54.0502 5628
19:51:54.0502 5628 OS Version: 6.0.6000 ServicePack: 0.0
19:51:54.0502 5628 Product type: Workstation
19:51:54.0502 5628 ComputerName: SALAT-V5545
19:51:54.0502 5628 UserName: radek
19:51:54.0502 5628 Windows directory: C:\Windows
19:51:54.0502 5628 System windows directory: C:\Windows
19:51:54.0502 5628 Processor architecture: Intel x86
19:51:54.0502 5628 Number of processors: 2
19:51:54.0502 5628 Page size: 0x1000
19:51:54.0502 5628 Boot type: Normal boot
19:51:54.0502 5628 ============================================================
19:51:55.0614 5628 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:51:55.0616 5628 \Device\Harddisk0\DR0:
19:51:55.0616 5628 MBR used
19:51:55.0616 5628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
19:51:55.0650 5628 Initialize success
19:51:55.0650 5628 ============================================================
19:52:04.0183 6064 ============================================================
19:52:04.0183 6064 Scan started
19:52:04.0183 6064 Mode: Manual; SigCheck; TDLFS;
19:52:04.0183 6064 ============================================================
19:52:06.0304 6064 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
19:52:06.0426 6064 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
19:52:06.0594 6064 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
19:52:06.0629 6064 ACPI - ok
19:52:06.0714 6064 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:52:06.0726 6064 AdobeFlashPlayerUpdateSvc - ok
19:52:06.0804 6064 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:52:06.0828 6064 adp94xx - ok
19:52:06.0897 6064 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:52:06.0912 6064 adpahci - ok
19:52:06.0936 6064 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:52:06.0946 6064 adpu160m - ok
19:52:06.0975 6064 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:52:06.0986 6064 adpu320 - ok
19:52:07.0028 6064 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:52:07.0136 6064 AeLookupSvc - ok
19:52:07.0208 6064 AF15BDA (639a9c2dab390769be8fa23854435876) C:\Windows\system32\Drivers\AF15BDA.sys
19:52:07.0287 6064 AF15BDA - ok
19:52:07.0351 6064 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
19:52:07.0377 6064 Afc ( UnsignedFile.Multi.Generic ) - warning
19:52:07.0377 6064 Afc - detected UnsignedFile.Multi.Generic (1)
19:52:07.0441 6064 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
19:52:07.0516 6064 AFD - ok
19:52:07.0563 6064 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:52:07.0574 6064 agp440 - ok
19:52:07.0616 6064 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:52:07.0627 6064 aic78xx - ok
19:52:07.0827 6064 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
19:52:07.0827 6064 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
19:52:07.0834 6064 Akamai ( HiddenFile.Multi.Generic ) - warning
19:52:07.0834 6064 Akamai - detected HiddenFile.Multi.Generic (1)
19:52:08.0163 6064 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
19:52:08.0216 6064 ALG - ok
19:52:08.0274 6064 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:52:08.0281 6064 aliide - ok
19:52:08.0315 6064 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:52:08.0326 6064 amdagp - ok
19:52:08.0342 6064 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:52:08.0352 6064 amdide - ok
19:52:08.0379 6064 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:52:08.0426 6064 AmdK7 - ok
19:52:08.0452 6064 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:52:08.0510 6064 AmdK8 - ok
19:52:08.0585 6064 AMON (687c3f2e78aeb209ade1cc265a2560bb) C:\Windows\system32\drivers\amon.sys
19:52:08.0627 6064 AMON - ok
19:52:08.0719 6064 AMService - ok
19:52:08.0803 6064 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
19:52:08.0866 6064 Appinfo - ok
19:52:09.0022 6064 Apple Mobile Device (a8aa9d47f971570a5162b862b80f87e8) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
19:52:09.0047 6064 Apple Mobile Device - ok
19:52:09.0237 6064 AppMgmt (051e86735b71e8402aebc1d662f26ba2) C:\Windows\System32\appmgmts.dll
19:52:09.0285 6064 AppMgmt - ok
19:52:09.0361 6064 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:52:09.0371 6064 arc - ok
19:52:09.0409 6064 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:52:09.0419 6064 arcsas - ok
19:52:09.0471 6064 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
19:52:09.0528 6064 AsyncMac - ok
19:52:09.0575 6064 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
19:52:09.0583 6064 atapi - ok
19:52:09.0655 6064 Ati External Event Utility (4604db6d5eca6362873cc3a76d2204ba) C:\Windows\system32\Ati2evxx.exe
19:52:09.0768 6064 Ati External Event Utility - ok
19:52:09.0927 6064 atikmdag (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys
19:52:10.0249 6064 atikmdag - ok
19:52:10.0323 6064 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:52:10.0403 6064 AudioEndpointBuilder - ok
19:52:10.0444 6064 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:52:10.0486 6064 Audiosrv - ok
19:52:10.0548 6064 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
19:52:10.0605 6064 Beep - ok
19:52:10.0693 6064 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
19:52:10.0776 6064 BITS - ok
19:52:10.0806 6064 blbdrive - ok
19:52:10.0896 6064 Bonjour Service (9efe4236f8670846b6e7c5b0eff6e715) C:\Program Files\Bonjour\mDNSResponder.exe
19:52:10.0910 6064 Bonjour Service - ok
19:52:10.0967 6064 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
19:52:11.0025 6064 bowser - ok
19:52:11.0071 6064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:52:11.0129 6064 BrFiltLo - ok
19:52:11.0154 6064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:52:11.0223 6064 BrFiltUp - ok
19:52:11.0271 6064 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
19:52:11.0330 6064 Browser - ok
19:52:11.0378 6064 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:52:11.0437 6064 Brserid - ok
19:52:11.0478 6064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:52:11.0546 6064 BrSerWdm - ok
19:52:11.0583 6064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:52:11.0632 6064 BrUsbMdm - ok
19:52:11.0661 6064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:52:11.0735 6064 BrUsbSer - ok
19:52:11.0801 6064 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
19:52:11.0871 6064 BTCFilterService - ok
19:52:11.0942 6064 BthEnum (cf97c2d6a011ee9403b42191b5f95ba8) C:\Windows\system32\DRIVERS\BthEnum.sys
19:52:11.0982 6064 BthEnum - ok
19:52:12.0034 6064 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\DRIVERS\bthmodem.sys
19:52:12.0089 6064 BTHMODEM - ok
19:52:12.0130 6064 BthPan (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
19:52:12.0188 6064 BthPan - ok
19:52:12.0254 6064 BTHPORT (b4ce8000aab30a9ab16cd0fb3db4d7cf) C:\Windows\system32\Drivers\BTHport.sys
19:52:12.0285 6064 BTHPORT - ok
19:52:12.0346 6064 BthServ (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll
19:52:12.0423 6064 BthServ - ok
19:52:12.0468 6064 BTHUSB (9a4ddc8544c1459aa2a118a8858dade3) C:\Windows\system32\Drivers\BTHUSB.sys
19:52:12.0493 6064 BTHUSB - ok
19:52:12.0542 6064 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
19:52:12.0591 6064 cdfs - ok
19:52:12.0629 6064 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
19:52:12.0672 6064 cdrom - ok
19:52:12.0704 6064 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
19:52:12.0762 6064 CertPropSvc - ok
19:52:12.0788 6064 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:52:12.0837 6064 circlass - ok
19:52:12.0881 6064 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
19:52:12.0895 6064 CLFS - ok
19:52:12.0987 6064 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:52:12.0998 6064 clr_optimization_v2.0.50727_32 - ok
19:52:13.0039 6064 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
19:52:13.0064 6064 CmBatt - ok
19:52:13.0107 6064 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:52:13.0115 6064 cmdide - ok
19:52:13.0269 6064 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
19:52:13.0278 6064 Compbatt - ok
19:52:13.0290 6064 COMSysApp - ok
19:52:13.0308 6064 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:52:13.0318 6064 crcdisk - ok
19:52:13.0348 6064 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:52:13.0401 6064 Crusoe - ok
19:52:13.0453 6064 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
19:52:13.0505 6064 CryptSvc - ok
19:52:13.0553 6064 CSC (ee95a5f89766f199557e5900ce6b2d7d) C:\Windows\system32\drivers\csc.sys
19:52:13.0586 6064 CSC - ok
19:52:13.0654 6064 CscService (68131a9a8e3f0ab5136bf386f02a3fc7) C:\Windows\System32\cscsvc.dll
19:52:13.0704 6064 CscService - ok
19:52:13.0778 6064 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
19:52:13.0884 6064 DcomLaunch - ok
19:52:14.0002 6064 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
19:52:14.0047 6064 DfsC - ok
19:52:14.0167 6064 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
19:52:14.0328 6064 DFSR - ok
19:52:14.0399 6064 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
19:52:14.0458 6064 Dhcp - ok
19:52:14.0517 6064 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
19:52:14.0528 6064 disk - ok
19:52:14.0572 6064 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
19:52:14.0603 6064 Dnscache - ok
19:52:14.0627 6064 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
19:52:14.0679 6064 dot3svc - ok
19:52:14.0728 6064 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
19:52:14.0754 6064 DPS - ok
19:52:14.0816 6064 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
19:52:14.0871 6064 drmkaud - ok
19:52:14.0914 6064 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
19:52:14.0983 6064 DXGKrnl - ok
19:52:15.0045 6064 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:52:15.0104 6064 E1G60 - ok
19:52:15.0155 6064 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
19:52:15.0212 6064 EapHost - ok
19:52:15.0266 6064 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
19:52:15.0278 6064 Ecache - ok
19:52:15.0344 6064 ehRecvr (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
19:52:15.0395 6064 ehRecvr - ok
19:52:15.0417 6064 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:52:15.0442 6064 ehSched - ok
19:52:15.0475 6064 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:52:15.0499 6064 ehstart - ok
19:52:15.0587 6064 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
19:52:15.0597 6064 ElbyCDFL - ok
19:52:15.0637 6064 ElbyCDIO (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:52:15.0647 6064 ElbyCDIO - ok
19:52:15.0696 6064 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:52:15.0716 6064 elxstor - ok
19:52:15.0780 6064 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
19:52:15.0866 6064 EMDMgmt - ok
19:52:15.0956 6064 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
19:52:15.0979 6064 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
19:52:15.0980 6064 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
19:52:16.0136 6064 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
19:52:16.0166 6064 EventSystem - ok
19:52:16.0226 6064 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
19:52:16.0317 6064 fastfat - ok
19:52:16.0390 6064 Fax (93f75490b02033df8edf4d7089c7e1d8) C:\Windows\system32\fxssvc.exe
19:52:16.0466 6064 Fax - ok
19:52:16.0535 6064 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:52:16.0585 6064 fdc - ok
19:52:16.0653 6064 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
19:52:16.0707 6064 fdPHost - ok
19:52:16.0730 6064 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:52:16.0784 6064 FDResPub - ok
19:52:16.0828 6064 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
19:52:16.0837 6064 FileInfo - ok
19:52:16.0862 6064 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
19:52:16.0901 6064 Filetrace - ok
19:52:17.0058 6064 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
19:52:17.0291 6064 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:52:17.0291 6064 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:52:17.0374 6064 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:52:17.0448 6064 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:52:17.0448 6064 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:52:17.0618 6064 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:17.0778 6064 flpydisk - ok
19:52:17.0837 6064 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
19:52:17.0849 6064 FltMgr - ok
19:52:17.0928 6064 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:52:17.0938 6064 FontCache3.0.0.0 - ok
19:52:17.0980 6064 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
19:52:18.0001 6064 Fs_Rec - ok
19:52:18.0026 6064 fvevol (06a1cf72fbe3b50035fbff428c8d84b4) C:\Windows\system32\DRIVERS\fvevol.sys
19:52:18.0036 6064 fvevol - ok
19:52:18.0062 6064 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:52:18.0070 6064 gagp30kx - ok
19:52:18.0144 6064 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:52:18.0152 6064 GEARAspiWDM - ok
19:52:18.0219 6064 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
19:52:18.0225 6064 ggflt - ok
19:52:18.0245 6064 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
19:52:18.0251 6064 ggsemc - ok
19:52:18.0375 6064 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
19:52:18.0515 6064 gpsvc - ok
19:52:18.0641 6064 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:18.0651 6064 gupdate - ok
19:52:18.0672 6064 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:18.0679 6064 gupdatem - ok
19:52:18.0736 6064 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:52:18.0746 6064 gusvc - ok
19:52:18.0914 6064 hamachi (7929a161f9951d173ca9900fe7067391) C:\Windows\system32\DRIVERS\hamachi.sys
19:52:18.0920 6064 hamachi - ok
19:52:18.0979 6064 HdAudAddService (743e5199a34101a3ee444df5f74d0311) C:\Windows\system32\drivers\CHDART.sys
19:52:19.0023 6064 HdAudAddService - ok
19:52:19.0066 6064 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:52:19.0089 6064 HDAudBus - ok
19:52:19.0126 6064 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\DRIVERS\hidbth.sys
19:52:19.0184 6064 HidBth - ok
19:52:19.0211 6064 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:52:19.0277 6064 HidIr - ok
19:52:19.0333 6064 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
19:52:19.0385 6064 hidserv - ok
19:52:19.0417 6064 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
19:52:19.0470 6064 HidUsb - ok
19:52:19.0492 6064 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
19:52:19.0565 6064 hkmsvc - ok
19:52:19.0606 6064 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:52:19.0614 6064 HpCISSs - ok
19:52:19.0663 6064 HssDrv (30858b2d6dc0d8ed044dc28011ade6a2) C:\Windows\system32\DRIVERS\HssDrv.sys
19:52:19.0670 6064 HssDrv - ok
19:52:19.0792 6064 HssSrv (d5687c8c02df0eb4687b044a10df5cb4) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
19:52:19.0832 6064 HssSrv ( UnsignedFile.Multi.Generic ) - warning
19:52:19.0832 6064 HssSrv - detected UnsignedFile.Multi.Generic (1)
19:52:19.0888 6064 HssTrayService (e77759a567c903fa719a4396135c7373) C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
19:52:19.0913 6064 HssTrayService ( UnsignedFile.Multi.Generic ) - warning
19:52:19.0913 6064 HssTrayService - detected UnsignedFile.Multi.Generic (1)
19:52:20.0095 6064 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
19:52:20.0136 6064 HTTP - ok
19:52:20.0226 6064 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:52:20.0236 6064 i2omp - ok
19:52:20.0309 6064 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
19:52:20.0347 6064 i8042prt - ok
19:52:20.0382 6064 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:52:20.0398 6064 iaStorV - ok
19:52:20.0514 6064 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:52:20.0537 6064 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:52:20.0537 6064 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:52:20.0631 6064 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:52:20.0699 6064 idsvc - ok
19:52:20.0778 6064 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:52:20.0789 6064 iirsp - ok
19:52:20.0852 6064 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
19:52:20.0916 6064 IKEEXT - ok
19:52:20.0961 6064 intelide (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
19:52:20.0972 6064 intelide - ok
19:52:21.0019 6064 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
19:52:21.0073 6064 intelppm - ok
19:52:21.0114 6064 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
19:52:21.0174 6064 IPBusEnum - ok
19:52:21.0202 6064 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:21.0253 6064 IpFilterDriver - ok
19:52:21.0267 6064 IpInIp - ok
19:52:21.0298 6064 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:52:21.0341 6064 IPMIDRV - ok
19:52:21.0383 6064 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
19:52:21.0433 6064 IPNAT - ok
19:52:21.0526 6064 iPod Service (62937a89470af8ff172f0980ca8aefc9) C:\Program Files\iPod\bin\iPodService.exe
19:52:21.0545 6064 iPod Service - ok
19:52:21.0585 6064 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
19:52:21.0626 6064 IRENUM - ok
19:52:21.0649 6064 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:52:21.0656 6064 isapnp - ok
19:52:21.0686 6064 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
19:52:21.0698 6064 iScsiPrt - ok
19:52:21.0722 6064 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:52:21.0732 6064 iteatapi - ok
19:52:21.0771 6064 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:52:21.0778 6064 iteraid - ok
19:52:21.0830 6064 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
19:52:21.0862 6064 k750bus - ok
19:52:21.0902 6064 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
19:52:21.0912 6064 kbdclass - ok
19:52:21.0936 6064 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
19:52:21.0956 6064 kbdhid - ok
19:52:21.0997 6064 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:22.0031 6064 KeyIso - ok
19:52:22.0078 6064 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
19:52:22.0102 6064 KSecDD - ok
19:52:22.0174 6064 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
19:52:22.0239 6064 KtmRm - ok
19:52:22.0276 6064 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
19:52:22.0346 6064 LanmanServer - ok
19:52:22.0407 6064 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
19:52:22.0450 6064 LanmanWorkstation - ok
19:52:22.0526 6064 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
19:52:22.0580 6064 lltdio - ok
19:52:22.0621 6064 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
19:52:22.0668 6064 lltdsvc - ok
19:52:22.0692 6064 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:52:22.0744 6064 lmhosts - ok
19:52:22.0772 6064 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:52:22.0783 6064 LSI_FC - ok
19:52:22.0805 6064 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:52:22.0815 6064 LSI_SAS - ok
19:52:22.0853 6064 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:52:22.0865 6064 LSI_SCSI - ok
19:52:22.0886 6064 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
19:52:22.0936 6064 luafv - ok
19:52:22.0995 6064 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
19:52:23.0029 6064 MarvinBus - ok
19:52:23.0070 6064 Mcx2Svc (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
19:52:23.0104 6064 Mcx2Svc - ok
19:52:23.0208 6064 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:52:23.0242 6064 MDM ( UnsignedFile.Multi.Generic ) - warning
19:52:23.0242 6064 MDM - detected UnsignedFile.Multi.Generic (1)
19:52:23.0305 6064 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:52:23.0314 6064 megasas - ok
19:52:23.0369 6064 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
19:52:23.0420 6064 MMCSS - ok
19:52:23.0447 6064 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
19:52:23.0493 6064 Modem - ok
19:52:23.0746 6064 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
19:52:23.0818 6064 monitor - ok
19:52:23.0889 6064 motccgp (f4ea1193a52c8fe4b8a135e210abe546) C:\Windows\system32\DRIVERS\motccgp.sys
19:52:23.0969 6064 motccgp - ok
19:52:24.0004 6064 motccgpfl (b812da6605caf02641312f1f65c75419) C:\Windows\system32\DRIVERS\motccgpfl.sys
19:52:24.0021 6064 motccgpfl - ok
19:52:24.0049 6064 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
19:52:24.0102 6064 MotDev - ok
19:52:24.0143 6064 motmodem (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
19:52:24.0218 6064 motmodem - ok
19:52:24.0304 6064 MotoHelper (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
19:52:24.0318 6064 MotoHelper - ok
19:52:24.0464 6064 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
19:52:24.0499 6064 MotoSwitchService - ok
19:52:24.0532 6064 Motousbnet (ddc489d40b49f443787e7ffa75373522) C:\Windows\system32\DRIVERS\Motousbnet.sys
19:52:24.0558 6064 Motousbnet - ok
19:52:24.0630 6064 motusbdevice (f18898d418f43e74a93edc57e1f28bc9) C:\Windows\system32\DRIVERS\motusbdevice.sys
19:52:24.0673 6064 motusbdevice - ok
19:52:24.0800 6064 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
19:52:24.0809 6064 mouclass - ok
19:52:24.0882 6064 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
19:52:24.0905 6064 mouhid - ok
19:52:24.0942 6064 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
19:52:24.0952 6064 MountMgr - ok
19:52:24.0987 6064 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:52:24.0998 6064 mpio - ok
19:52:25.0037 6064 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
19:52:25.0076 6064 mpsdrv - ok
19:52:25.0116 6064 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:52:25.0126 6064 Mraid35x - ok
19:52:25.0178 6064 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
19:52:25.0233 6064 MRxDAV - ok
19:52:25.0290 6064 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:25.0320 6064 mrxsmb - ok
19:52:25.0361 6064 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:25.0390 6064 mrxsmb10 - ok
19:52:25.0458 6064 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:25.0488 6064 mrxsmb20 - ok
19:52:25.0545 6064 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
19:52:25.0554 6064 msahci - ok
19:52:25.0605 6064 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:52:25.0615 6064 msdsm - ok
19:52:25.0652 6064 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
19:52:25.0685 6064 MSDTC - ok
19:52:25.0721 6064 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
19:52:25.0764 6064 Msfs - ok
19:52:25.0808 6064 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
19:52:25.0817 6064 msisadrv - ok
19:52:25.0858 6064 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
19:52:25.0921 6064 MSiSCSI - ok
19:52:25.0938 6064 msiserver - ok
19:52:25.0965 6064 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
19:52:26.0017 6064 MSKSSRV - ok
19:52:26.0059 6064 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:26.0126 6064 MSPCLOCK - ok
19:52:26.0143 6064 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
19:52:26.0217 6064 MSPQM - ok
19:52:26.0249 6064 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
19:52:26.0261 6064 MsRPC - ok
19:52:26.0290 6064 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
19:52:26.0300 6064 mssmbios - ok
19:52:26.0314 6064 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
19:52:26.0394 6064 MSTEE - ok
19:52:26.0433 6064 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
19:52:26.0441 6064 Mup - ok
19:52:26.0483 6064 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
19:52:26.0539 6064 napagent - ok
19:52:26.0590 6064 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
19:52:26.0628 6064 NativeWifiP - ok
19:52:26.0690 6064 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
19:52:26.0710 6064 NDIS - ok
19:52:26.0760 6064 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:26.0790 6064 NdisTapi - ok
19:52:26.0832 6064 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:26.0871 6064 Ndisuio - ok
19:52:26.0893 6064 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:26.0952 6064 NdisWan - ok
19:52:26.0992 6064 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
19:52:27.0013 6064 NDProxy - ok
19:52:27.0046 6064 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
19:52:27.0086 6064 NetBIOS - ok
19:52:27.0115 6064 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
19:52:27.0161 6064 netbt - ok
19:52:27.0207 6064 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:27.0219 6064 Netlogon - ok
19:52:27.0264 6064 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
19:52:27.0330 6064 Netman - ok
19:52:27.0360 6064 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
19:52:27.0406 6064 netprofm - ok
19:52:27.0477 6064 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:27.0486 6064 NetTcpPortSharing - ok
19:52:27.0610 6064 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
19:52:27.0774 6064 NETw4v32 - ok
19:52:27.0816 6064 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:52:27.0824 6064 nfrd960 - ok
19:52:27.0868 6064 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
19:52:27.0921 6064 NlaSvc - ok
19:52:27.0973 6064 NMIndexingService - ok
19:52:28.0036 6064 nod32drv (b4ea8cba9a69d0921b7bd89c8cf9e032) C:\Windows\system32\drivers\nod32drv.sys
19:52:28.0044 6064 nod32drv - ok
19:52:28.0096 6064 NOD32krn (7da9d9593081cb76fccdab3f14438370) C:\Program Files\Eset\nod32krn.exe
19:52:28.0126 6064 NOD32krn ( UnsignedFile.Multi.Generic ) - warning
19:52:28.0126 6064 NOD32krn - detected UnsignedFile.Multi.Generic (1)
19:52:28.0173 6064 NPF (b15e0180c43d8b5219196d76878cc2dd) C:\Windows\system32\drivers\npf.sys
19:52:28.0182 6064 NPF - ok
19:52:28.0214 6064 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
19:52:28.0268 6064 Npfs - ok
19:52:28.0297 6064 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
19:52:28.0352 6064 nsi - ok
19:52:28.0380 6064 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
19:52:28.0446 6064 nsiproxy - ok
19:52:28.0552 6064 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
19:52:28.0618 6064 Ntfs - ok
19:52:28.0645 6064 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:52:28.0695 6064 ntrigdigi - ok
19:52:28.0726 6064 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
19:52:28.0782 6064 Null - ok
19:52:28.0993 6064 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:52:29.0003 6064 nvraid - ok
19:52:29.0032 6064 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:52:29.0040 6064 nvstor - ok
19:52:29.0062 6064 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:52:29.0073 6064 nv_agp - ok
19:52:29.0087 6064 NwlnkFlt - ok
19:52:29.0105 6064 NwlnkFwd - ok
19:52:29.0241 6064 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:52:29.0265 6064 odserv - ok
19:52:29.0323 6064 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
19:52:29.0365 6064 ohci1394 - ok
19:52:29.0523 6064 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:29.0533 6064 ose - ok
19:52:29.0678 6064 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:29.0768 6064 p2pimsvc - ok
19:52:29.0781 6064 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:29.0804 6064 p2psvc - ok
19:52:29.0901 6064 PAC207 (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
19:52:29.0949 6064 PAC207 - ok
19:52:30.0016 6064 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:52:30.0071 6064 Parport - ok
19:52:30.0102 6064 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
19:52:30.0110 6064 partmgr - ok
19:52:30.0133 6064 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:52:30.0186 6064 Parvdm - ok
19:52:30.0222 6064 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
19:52:30.0277 6064 PcaSvc - ok
19:52:30.0304 6064 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
19:52:30.0314 6064 pci - ok
19:52:30.0337 6064 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
19:52:30.0346 6064 pciide - ok
19:52:30.0380 6064 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:52:30.0395 6064 pcmcia - ok
19:52:30.0444 6064 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:52:30.0558 6064 PEAUTH - ok
19:52:30.0622 6064 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
19:52:30.0627 6064 pfc ( UnsignedFile.Multi.Generic ) - warning
19:52:30.0627 6064 pfc - detected UnsignedFile.Multi.Generic (1)
19:52:30.0710 6064 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
19:52:30.0868 6064 pla - ok
19:52:30.0906 6064 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
19:52:30.0932 6064 PlugPlay - ok
19:52:30.0978 6064 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:31.0001 6064 PNRPAutoReg - ok
19:52:31.0067 6064 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:31.0090 6064 PNRPsvc - ok
19:52:31.0164 6064 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
19:52:31.0213 6064 PolicyAgent - ok
19:52:31.0304 6064 PptpMiniport (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
19:52:31.0344 6064 PptpMiniport - ok
19:52:31.0363 6064 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:52:31.0405 6064 Processor - ok
19:52:31.0456 6064 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
19:52:31.0531 6064 ProfSvc - ok
19:52:31.0572 6064 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:45.0494 5640 Detected object count: 15
19:52:45.0494 5640 Actual detected object count: 15
19:52:59.0089 5640 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0090 5640 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0090 5640 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:52:59.0090 5640 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:52:59.0091 5640 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0091 5640 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0093 5640 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0093 5640 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0094 5640 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0095 5640 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0096 5640 HssSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0096 5640 HssSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0097 5640 HssTrayService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0097 5640 HssTrayService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0098 5640 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0098 5640 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0100 5640 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0100 5640 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0101 5640 NOD32krn ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0101 5640 NOD32krn ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0102 5640 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0102 5640 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0104 5640 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:52:59.0104 5640 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:52:59.0105 5640 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0105 5640 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0106 5640 TimerStop ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0106 5640 TimerStop ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0107 5640 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0107 5640 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
Last edited by vyosek on 12 Apr 2012 19:16; edited 1 time in total.
Reason: log removed from code tags

Re: Please check my log - PC shutting down

#6 Post by Salat23 »

Just bumping this.

Re: Please check my log - PC shutting down

#7 Post by Salat23 »

→ Here is the log that opened after the restart:

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

→ The OTL log is attached.

→ Results from VT (in bold where it found an infection):

C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
https://www.virustotal.com/file/df72d03 ... 334273899/

C:\Windows\system32\deployJava1.dll
https://www.virustotal.com/file/2de3461 ... 334274117/

C:\Windows\system32\FlashPlayerApp.exe
https://www.virustotal.com/file/fce2fba ... 334274504/

C:\Windows\system32\FlashPlayerCPLApp.cpl
https://www.virustotal.com/file/353152e ... 334274859/

c:\program files\common files\akamai\netsession_win_6c825ce.dll
https://www.virustotal.com/file/b17a731 ... 334275086/

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
https://www.virustotal.com/file/d33a9a2 ... 334275295/

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
https://www.virustotal.com/file/6108912 ... 334275425/

C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
https://www.virustotal.com/file/c017c24 ... 334275638/

C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
https://www.virustotal.com/file/ff1b104 ... 334275926/

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
https://www.virustotal.com/file/0d70a7a ... 334276063/

C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
https://www.virustotal.com/file/2f23b09 ... 334276454/

C:\Program Files\Eset\nod32krn.exe
https://www.virustotal.com/file/8e36f18 ... 334303509/

C:\Windows\system32\drivers\pfc.sys
https://www.virustotal.com/file/2485243 ... 334303975/

C:\Windows\system32\DRIVERS\tap0901.sys
https://www.virustotal.com/file/4d10383 ... 334304831/

C:\Windows\system32\timerstop.sys
https://www.virustotal.com/file/9529d01 ... 334276850/

c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
https://www.virustotal.com/file/c036bf7 ... 334305094/

→ I think I always downloaded Flash Player directly from Adobe, but now that you mention it, I realise that an installation once started on some suspicious site and I clicked through it, because I thought it was the automatic update...

→ I haven't used Akamai for a long time; a few years ago I used it to receive streamed video, but I don't need it any more.

Btw, yesterday I had code running in Matlab; after four and a half hours of computation I started Winamp and within two minutes it shut down :( . The laptop also overheats quite a lot; next week I'll take it somewhere to get it cleaned.
Attachments
OTL.rar
(89.91 KiB) Downloaded 27 times

Re: Please check my log - PC shutting down

#8 Post by Salat23 »

Here is the ComboFix report. It says that ESET's resident protection is active; I have no idea why, I remember 100% that I turned it off :-(. Is that a problem?


ComboFix 12-04-13.01 - radek 14.04.2012 3:00.1.2 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1250.420.1029.18.2046.1384 [GMT 2:00]
Spuštěný z: c:\users\radek\Desktop\ComboFix.exe
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Hotspot Shield\hssie\HsSIe.dll
c:\users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\users\radek\AppData\Local\EapEventserv\appHelpInterval.dll
c:\users\radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\users\radek\AppData\Roaming\Microsoft\Windows\Recent\caaf.docx
c:\windows\$NtUninstallKB50272$
c:\windows\$NtUninstallKB50272$\1481612335\L\fomtmfeh
c:\windows\system32\AF15BDAEX.dll
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\vjocx.dll
c:\windows\system32\spsys.log
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AMService
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-14 do 2012-04-14 )))))))))))))))))))))))))))))))
.
.
2012-04-14 01:15 . 2012-04-14 07:37 -------- d-----w- c:\users\radek\AppData\Local\temp
2012-04-12 21:57 . 2012-04-12 21:57 -------- d-----w- C:\_OTL
2012-04-11 17:36 . 2012-04-11 17:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-10 14:45 . 2012-04-13 00:30 512 ----a-w- C:\PhysicalMBR.bin
2012-04-10 13:36 . 2012-04-10 13:36 -------- d-----w- C:\rsit
2012-04-09 14:27 . 2012-04-14 00:35 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-29 11:56 . 2012-03-29 11:56 -------- d-----w- c:\users\radek\AppData\Roaming\pdfforge
2012-03-29 11:56 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-03-29 11:56 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-03-28 20:57 . 2012-03-28 21:00 -------- d-----w- c:\users\radek\AppData\Local\Babylon
2012-03-28 20:57 . 2011-06-20 13:41 142336 ----a-w- c:\program files\Mozilla Firefox\BabyFox.dll
2012-03-28 20:57 . 2012-03-28 20:57 -------- d-----w- c:\program files\Babylon
2012-03-28 20:57 . 2012-03-28 21:01 -------- d-----w- c:\users\radek\AppData\Roaming\Babylon
2012-03-28 20:57 . 2012-03-28 21:01 -------- d-----w- c:\programdata\Babylon
2012-03-28 20:57 . 2012-03-28 20:57 -------- d-----w- c:\program files\Pdf Editor
2012-03-28 20:57 . 2012-03-28 20:56 723294 ----a-w- c:\windows\unins000.exe
2012-03-28 20:56 . 2012-03-28 20:56 -------- d-----w- c:\program files\AVI to MP4 Converter
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-22 09:08 . 2012-03-14 16:23 54784 ----a-w- c:\windows\system32\pdfcmon.dll
2012-03-17 17:24 . 2012-03-17 17:24 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-03-17 17:24 . 2012-03-17 17:24 45016 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-03-17 17:24 . 2012-03-17 17:24 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-03-17 17:24 . 2012-03-17 17:24 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 00:35 . 2011-07-11 18:01 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 17:39 . 2006-11-02 08:57 68096 ----a-w- c:\windows\system32\drivers\tdx.sys
2012-04-05 12:34 . 2010-08-15 20:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-02 15:01 . 2012-03-02 15:08 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2012-03-02 15:01 . 2012-03-02 15:08 93696 ----a-w- c:\windows\system32\E_FLBHAE.DLL
2012-03-02 15:01 . 2012-03-02 15:08 63488 ----a-w- c:\windows\system32\E_FD4BHAE.DLL
2012-03-17 17:24 . 2011-07-11 17:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-11-17 171464]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
"Sysinternals Desktops"="c:\programs\Desktops\Desktops.exe" [2008-08-21 118824]
"Infium"="c:\program files\QIP Infium\infium.exe" [2009-03-25 5245440]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-11-16 949376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-20 185896]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-07-18 462848]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-06-03 1066304]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
c:\users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
C-Organizer Pro.lnk - c:\program files\C-Organizer Pro\C-OrganizerPro.exe [2008-5-13 18546688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AdobeUpdater"=c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
vvdsvc REG_MULTI_SZ vvdsvc
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 08:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 20:51]
.
2012-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 00:35]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 21:30]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 21:30]
.
2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000Core.job
- c:\users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 18:41]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000UA.job
- c:\users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 18:41]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;192.168.*.*;127.0.0.1:9421;
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\
FF - prefs.js: browser.startup.homepage - about:blank
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-appHelpInterval - c:\users\radek\AppData\Local\EapEventserv\appHelpInterval.dll
SafeBoot-66662549.sys
HKLM_ActiveSetup-{26AC2EC6-37B3-F6AA-28B0-9BE785507068} - C:\Windows:svhosts.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\radek\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-14 09:36
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-375337239-1711731820-815350120-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{27AA0F38-7ED0-4668-C242-C72BFBAA87C9}*]
"kaeghfminbbgefcnfcmbjm"=hex:66,61,65,62,67,6e,6e,62,6f,6d,70,61,00,61
"maehlgkongfkgkmjeohcoadnln"=hex:62,61,6f,69,00,01
"kaeghfminbbgefcnfcmbgm"=hex:67,61,65,67,6c,66,6e,61,70,66,64,6b,6c,6e,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(576)
c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Motorola\MotoHelper\MotoHelperService.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2012-04-14 09:41:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-14 07:41
.
Pred spustenim: Volných bajtů: 12,975,071,232
Po spusteni: Volných bajtů: 12,032,196,608
.
- - End Of File - - E14EFDB0B9EA5CEA9311195FC8737FE2

Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

Re: Please check my log - PC shutting down

#9 Post by Salat23 »

There is definitely some improvement; I still need to fix the overheating somehow.

I deleted the registry key. I wanted to pack the folders into an archive, but it doesn't work; it says:

! Cannot read contents of C:\Qoobox\BackEnv\*
! Cannot create Slozky.rar
! Pristup byl odepren.

Do you have any idea how to do it?

Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

Re: Please check my log - PC shutting down

#10 Post by Salat23 »

I already sent the link by private message the day before yesterday, so this is just a reminder in case you forgot :-). (Also, I wasn't sure whether I was supposed to post here afterwards or not.)

Salat23
Visitor
Posts: 16
Registered: 10 Apr 2012 14:40

Re: Please check my log - PC shutting down

#11 Post by Salat23 »

Thanks, I have now uninstalled those programs. It looks fine so far; if there are any further problems, I'll get back to you.

After the cleanup the computer clearly responds much better, it doesn't overheat as much and response times are somewhat faster (except when Matlab is running and crunching some loops with 4D matrices :-)).
