AVG Anti virus - Trojský kůň

Zpráva

kristyna91 · #1 Příspěvek od **kristyna91** » 21 čer 2012 20:41

Dobrý den,

chtěla bych se poradit s virem, který mi hlásí AVG anti virus. Jsem v tomto oboru úplny amatér, tak se omlouvám za neodborný a velmi slabý popis. Projevuje se ve velmi pomalé rychlosti počítače a zamrznutí internetů.

Budu velmi vděčná za každou radu. Děkuji.

Podle rady jsem si tu stáhla program RSIT a tady je log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatelXP at 2012-06-21 21:25:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (8%) free of 50 GB
Total RAM: 2046 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:19, on 21.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp3\winampa.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\uzivatelXP\Plocha\RSIT.exe
C:\Program Files\trend micro\uzivatelXP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ResultBar Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\ResultBar\resultbar113.exe (file missing)

--
End of file - 9354 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\uzivatelXP\Data aplikací\Mozilla\Firefox\Profiles\63b6478h.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1912, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7B22 ... &sap=ku&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG2012\Firefox\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\uzivatelXP\Data aplikací\Mozilla\Firefox\Profiles\63b6478h.default\searchplugins\
icq-search.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"WinampAgent"=C:\Program Files\Winamp3\winampa.exe [2002-07-23 12288]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-09 98304]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"ROC_roc_dec12"=C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"JP595IR86O"=C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-10 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Hry\The Battle for Middle-earth (tm) II\game.dat"="D:\Hry\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"D:\Hry\Empire Earth\Empire Earth.exe"="D:\Hry\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"D:\Hry\Empire Earth - The Art of Conquest\EE-AOC.exe"="D:\Hry\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3acm"=l3codeca.acm
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"vidc.vp60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.vp61"=C:\WINDOWS\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-06-21 21:25:13 ----D---- C:\rsit
2012-06-21 21:25:13 ----D---- C:\Program Files\trend micro
2012-06-20 12:19:04 ----HD---- C:\$AVG
2012-06-18 21:30:58 ----A---- C:\PA7302.DAT
2012-06-12 21:01:11 ----D---- C:\Documents and Settings\uzivatelXP\Data aplikací\.anki
2012-06-10 16:27:17 ----A---- C:\WINDOWS\IE4 Error Log.txt

======List of files/folders modified in the last 1 month======

2012-06-21 21:25:13 ----RD---- C:\Program Files
2012-06-21 21:22:58 ----D---- C:\Program Files\Mozilla Firefox
2012-06-21 21:20:56 ----A---- C:\WINDOWS\NeroDigital.ini
2012-06-21 18:21:28 ----D---- C:\WINDOWS\Temp
2012-06-21 18:21:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-06-21 18:21:22 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-06-21 15:34:24 ----D---- C:\WINDOWS\Prefetch
2012-06-21 13:43:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2012-06-21 10:56:14 ----D---- C:\WINDOWS\system32\CatRoot2
2012-06-21 10:38:04 ----D---- C:\WINDOWS\system32\drivers
2012-06-21 01:24:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-06-21 00:16:39 ----D---- C:\WINDOWS\system32
2012-06-19 10:17:34 ----SHD---- C:\WINDOWS\Installer
2012-06-19 03:59:20 ----D---- C:\Documents and Settings\uzivatelXP\Data aplikací\Skype
2012-06-10 16:27:17 ----D---- C:\WINDOWS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-01-04 691696]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-11-20 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2007-11-20 17920]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-10 4407808]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 PAC7302;iLook 300; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 xcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\drivers\xcpip.sys []
R3 xpsec;Ovladač IPSEC; C:\WINDOWS\system32\drivers\xpsec.sys []
S3 a3oqfjlq;a3oqfjlq; C:\WINDOWS\system32\drivers\a3oqfjlq.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-27 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 uxplb.sys;uxplb.sys; \??\C:\WINDOWS\system32\drivers\uxplb.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-10 602112]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-09 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-18 136176]
S2 ResultBar Service;ResultBar Service; C:\Documents and Settings\All Users\Data aplikací\ResultBar\resultbar113.exe C:\Program Files\ResultBar\resultbar.dll casayuho []
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-18 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 21 čer 2012 21:36

Zdravím!
Ve kterém souboru našel AVG toho trojáka?

kristyna91 · #3 Příspěvek od **kristyna91** » 22 čer 2012 07:49

Dobrý den,

tyto soubory mi hlásí AVG jako infikované a nevyléčitelné.

Moc děkuji za odpověď. K.

"";"C:\WINDOWS\system32\winlogon.exe (900):\memory_012d0000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\svchost.exe (3392):\memory_00fa0000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\svchost.exe (1660):\memory_00c20000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\svchost.exe (1416):\memory_00690000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\svchost.exe (1376):\memory_017c0000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\svchost.exe (1152):\memory_00af0000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\WINDOWS\system32\services.exe (944):\memory_011c0000";"Trojský kůň PSW.Agent.ARMV";"Infikováno"
"";"C:\WINDOWS\explorer.exe (2188):\memory_017a0000";"Trojský kůň PSW.Agent.AUET";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (5796):\memory_02610000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (4200):\memory_063e0000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (4192):\memory_06130000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (3700):\memory_030e0000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (3040):\memory_02770000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (2956):\memory_030f0000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"
"";"C:\Program Files\Internet Explorer\iexplore.exe (2392):\memory_03100000";"Trojský kůň PSW.Agent.ASJX";"Infikováno"

#4 Příspěvek od **JaRon** » 22 čer 2012 08:27

zaskocim:
http://forum.viry.cz/viewtopic.php?f=24 ... 05#p981205
pouzi volbu scan - log vloz

kristyna91 · #5 Příspěvek od **kristyna91** » 22 čer 2012 09:20

Doufám, že je to to co pořebujete. Ještě jednou děkuji za bleskové reakce!

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: uzivatelXP [Práva správce]
Mód: Kontrola -- Datum: 06/22/2012 10:16:46

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 8 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : JP595IR86O (C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2025429265-1060284298-682003330-1003[...]\Run : JP595IR86O (C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe) -> FOUND
[SUSP PATH] {22116563-108C-42c0-A7CE-60161B75E508}.job @ : C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe -> FOUND
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)

¤¤¤ Nákaza : Root.MBR ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JS-00NCB1 +++++
--- User ---
[MBR] e2a68e07ac4561a5ec037da4a28012e1
[BSP] 5bd73d790395059bfceb5d136d751c83 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 188473 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 538da413f702946505895d75301ea1a9
[BSP] bd0a2f9e9d28d8e7b8b2680e8b66f822 : Whistler/Sinowal MBR Code!
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 188473 Mo

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#6 Příspěvek od **JaRon** » 22 čer 2012 09:45

no je to horsie ako to vypadalo

zopakuj akciu - volba delete a daj zmazat nasledovne:
[SUSP PATH] HKCU\[...]\Run : JP595IR86O (C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2025429265-1060284298-682003330-1003[...]\Run : JP595IR86O (C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe) -> FOUND
[SUSP PATH] {22116563-108C-42c0-A7CE-60161B75E508}.job @ : C:\DOCUME~1\UZIVAT~1\LOCALS~1\Temp\Bby.exe -> FOUND

kristyna91 · #7 Příspěvek od **kristyna91** » 22 čer 2012 10:10

A prosím jak smažu jen ty tři? Mám totiž jen vpravo možnost smazat, ale bojím se, že tak smažu vše, tak se raději ptám.

Děkuji, K.

#8 Příspěvek od **JaRon** » 22 čer 2012 10:28

kludne mozes zmazat vsetko najdene - uvedene 3 su dolezite, aby boli zmazane

kristyna91 · #9 Příspěvek od **kristyna91** » 22 čer 2012 10:55

Tak jsem vše smazala, co prosím dál? A vytvořila se mi nová zpráva:

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: uzivatelXP [Práva správce]
Mód: Odebrat -- Datum: 06/22/2012 11:53:08

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)

¤¤¤ Nákaza : Root.MBR ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JS-00NCB1 +++++
--- User ---
[MBR] e2a68e07ac4561a5ec037da4a28012e1
[BSP] 5bd73d790395059bfceb5d136d751c83 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 188473 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 538da413f702946505895d75301ea1a9
[BSP] bd0a2f9e9d28d8e7b8b2680e8b66f822 : Whistler/Sinowal MBR Code!
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 102398310 | Size: 188473 Mo

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#10 Příspěvek od **JaRon** » 22 čer 2012 11:00

tak polovicku prace mame za sebou

stiahni a spust TDSSKiller - log vloz

kristyna91 · #11 Příspěvek od **kristyna91** » 22 čer 2012 11:21

Super.

Doufám, že je to ten správný log. Velmi Děkuji.

12:17:42.0281 4952 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
12:17:47.0187 4952 ============================================================
12:17:47.0187 4952 Current date / time: 2012/06/22 12:17:47.0187
12:17:47.0187 4952 SystemInfo:
12:17:47.0187 4952
12:17:47.0187 4952 OS Version: 5.1.2600 ServicePack: 3.0
12:17:47.0187 4952 Product type: Workstation
12:17:47.0187 4952 ComputerName: PC
12:17:47.0187 4952 UserName: uzivatelXP
12:17:47.0187 4952 Windows directory: C:\WINDOWS
12:17:47.0187 4952 System windows directory: C:\WINDOWS
12:17:47.0187 4952 Processor architecture: Intel x86
12:17:47.0187 4952 Number of processors: 2
12:17:47.0187 4952 Page size: 0x1000
12:17:47.0187 4952 Boot type: Normal boot
12:17:47.0187 4952 ============================================================
12:17:48.0578 4952 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:17:48.0578 4952 ============================================================
12:17:48.0578 4952 \Device\Harddisk0\DR0:
12:17:48.0578 4952 MBR partitions:
12:17:48.0578 4952 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
12:17:48.0578 4952 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x1701CC1B
12:17:48.0578 4952 ============================================================
12:17:48.0609 4952 C: <-> \Device\Harddisk0\DR0\Partition0
12:17:48.0640 4952 D: <-> \Device\Harddisk0\DR0\Partition1
12:17:48.0640 4952 ============================================================
12:17:48.0640 4952 Initialize success
12:17:48.0640 4952 ============================================================
12:17:51.0453 2008 ============================================================
12:17:51.0453 2008 Scan started
12:17:51.0453 2008 Mode: Manual;
12:17:51.0453 2008 ============================================================
12:17:52.0328 2008 Abiosdsk - ok
12:17:52.0328 2008 abp480n5 - ok
12:17:52.0359 2008 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:17:52.0359 2008 ACPI - ok
12:17:52.0406 2008 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:17:52.0406 2008 ACPIEC - ok
12:17:52.0421 2008 adpu160m - ok
12:17:52.0453 2008 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:17:52.0453 2008 aec - ok
12:17:52.0468 2008 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
12:17:52.0468 2008 AFD - ok
12:17:52.0468 2008 Aha154x - ok
12:17:52.0484 2008 aic78u2 - ok
12:17:52.0484 2008 aic78xx - ok
12:17:52.0671 2008 ALCXWDM (f3e15607ba53249c765e36388b332c2f) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
12:17:52.0703 2008 ALCXWDM - ok
12:17:52.0750 2008 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
12:17:52.0750 2008 Alerter - ok
12:17:52.0765 2008 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
12:17:52.0765 2008 ALG - ok
12:17:52.0781 2008 AliIde - ok
12:17:52.0781 2008 amsint - ok
12:17:52.0812 2008 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
12:17:52.0812 2008 AppMgmt - ok
12:17:52.0812 2008 asc - ok
12:17:52.0828 2008 asc3350p - ok
12:17:52.0828 2008 asc3550 - ok
12:17:52.0875 2008 aspnet_state (d33c507942299753868204cc7642fa27) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:17:52.0875 2008 aspnet_state - ok
12:17:52.0890 2008 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:17:52.0906 2008 AsyncMac - ok
12:17:52.0906 2008 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:17:52.0906 2008 atapi - ok
12:17:52.0906 2008 Atdisk - ok
12:17:52.0968 2008 Ati HotKey Poller (97991f053b599f7315122562a18d7921) C:\WINDOWS\system32\Ati2evxx.exe
12:17:52.0984 2008 Ati HotKey Poller - ok
12:17:53.0031 2008 ATI Smart (08be1463638df5d445a6e6fb139188b5) C:\WINDOWS\system32\ati2sgag.exe
12:17:53.0046 2008 ATI Smart - ok
12:17:53.0281 2008 ati2mtag (f06cfd54ad49c0621b40ebf063c46b08) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:17:53.0296 2008 ati2mtag - ok
12:17:53.0343 2008 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:17:53.0343 2008 Atmarpc - ok
12:17:53.0343 2008 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
12:17:53.0359 2008 AudioSrv - ok
12:17:53.0390 2008 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:17:53.0390 2008 audstub - ok
12:17:53.0671 2008 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
12:17:53.0796 2008 AVGIDSAgent - ok
12:17:53.0875 2008 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
12:17:53.0890 2008 AVGIDSDriver - ok
12:17:53.0921 2008 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
12:17:53.0921 2008 AVGIDSEH - ok
12:17:53.0937 2008 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
12:17:53.0937 2008 AVGIDSFilter - ok
12:17:53.0937 2008 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
12:17:53.0953 2008 AVGIDSShim - ok
12:17:53.0968 2008 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
12:17:53.0968 2008 Avgldx86 - ok
12:17:53.0968 2008 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
12:17:53.0968 2008 Avgmfx86 - ok
12:17:53.0984 2008 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
12:17:53.0984 2008 Avgrkx86 - ok
12:17:54.0015 2008 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
12:17:54.0015 2008 Avgtdix - ok
12:17:54.0062 2008 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:17:54.0109 2008 avgwd - ok
12:17:54.0109 2008 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:17:54.0109 2008 Beep - ok
12:17:54.0156 2008 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
12:17:54.0187 2008 BITS - ok
12:17:54.0203 2008 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
12:17:54.0218 2008 Browser - ok
12:17:54.0234 2008 CamSuiteVAC (e292176878f933e6a3cc46d6109ef1bb) C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys
12:17:54.0250 2008 CamSuiteVAC - ok
12:17:54.0265 2008 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:17:54.0281 2008 cbidf2k - ok
12:17:54.0296 2008 CCDECODE (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:17:54.0296 2008 CCDECODE - ok
12:17:54.0296 2008 cd20xrnt - ok
12:17:54.0312 2008 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:17:54.0312 2008 Cdaudio - ok
12:17:54.0328 2008 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:17:54.0328 2008 Cdfs - ok
12:17:54.0328 2008 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:17:54.0343 2008 Cdrom - ok
12:17:54.0343 2008 Changer - ok
12:17:54.0359 2008 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
12:17:54.0359 2008 CiSvc - ok
12:17:54.0359 2008 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
12:17:54.0375 2008 ClipSrv - ok
12:17:54.0421 2008 clr_optimization_v2.0.50727_32 (3c4d595e7f9b747325aef28b4adcaae5) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:17:54.0421 2008 clr_optimization_v2.0.50727_32 - ok
12:17:54.0421 2008 CmdIde - ok
12:17:54.0437 2008 COMSysApp - ok
12:17:54.0437 2008 Cpqarray - ok
12:17:54.0468 2008 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
12:17:54.0468 2008 CryptSvc - ok
12:17:54.0468 2008 dac2w2k - ok
12:17:54.0484 2008 dac960nt - ok
12:17:54.0515 2008 DcomLaunch (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
12:17:54.0531 2008 DcomLaunch - ok
12:17:54.0546 2008 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
12:17:54.0562 2008 Dhcp - ok
12:17:54.0562 2008 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:17:54.0562 2008 Disk - ok
12:17:54.0578 2008 dmadmin - ok
12:17:54.0625 2008 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
12:17:54.0625 2008 dmboot - ok
12:17:54.0640 2008 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
12:17:54.0640 2008 dmio - ok
12:17:54.0656 2008 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:17:54.0656 2008 dmload - ok
12:17:54.0671 2008 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
12:17:54.0671 2008 dmserver - ok
12:17:54.0703 2008 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:17:54.0703 2008 DMusic - ok
12:17:54.0718 2008 Dnscache (0634b791684b84f4a331f3d3536feef8) C:\WINDOWS\System32\dnsrslvr.dll
12:17:54.0718 2008 Dnscache - ok
12:17:54.0734 2008 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
12:17:54.0734 2008 Dot3svc - ok
12:17:54.0750 2008 dpti2o - ok
12:17:54.0750 2008 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:17:54.0750 2008 drmkaud - ok
12:17:54.0781 2008 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
12:17:54.0781 2008 EapHost - ok
12:17:54.0796 2008 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
12:17:54.0796 2008 ERSvc - ok
12:17:54.0812 2008 Eventlog (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
12:17:54.0812 2008 Eventlog - ok
12:17:54.0859 2008 EventSystem (260c69fd67687b0dc062fc3d31655857) C:\WINDOWS\system32\es.dll
12:17:54.0875 2008 EventSystem - ok
12:17:54.0906 2008 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:17:54.0906 2008 Fastfat - ok
12:17:54.0921 2008 FastUserSwitchingCompatibility (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
12:17:54.0937 2008 FastUserSwitchingCompatibility - ok
12:17:54.0968 2008 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:17:54.0968 2008 Fdc - ok
12:17:55.0000 2008 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
12:17:55.0000 2008 FETNDIS - ok
12:17:55.0000 2008 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
12:17:55.0000 2008 Fips - ok
12:17:55.0015 2008 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:17:55.0015 2008 Flpydisk - ok
12:17:55.0046 2008 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:17:55.0046 2008 FltMgr - ok
12:17:55.0125 2008 FontCache3.0.0.0 (facecf3f75baf3775a879d1168402270) C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:17:55.0140 2008 FontCache3.0.0.0 - ok
12:17:55.0156 2008 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:17:55.0156 2008 Fs_Rec - ok
12:17:55.0171 2008 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:17:55.0171 2008 Ftdisk - ok
12:17:55.0171 2008 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
12:17:55.0171 2008 gagp30kx - ok
12:17:55.0187 2008 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:17:55.0187 2008 Gpc - ok
12:17:55.0265 2008 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:17:55.0265 2008 gupdate - ok
12:17:55.0265 2008 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:17:55.0265 2008 gupdatem - ok
12:17:55.0328 2008 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:17:55.0328 2008 helpsvc - ok
12:17:55.0328 2008 HidServ - ok
12:17:55.0359 2008 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:17:55.0359 2008 hidusb - ok
12:17:55.0375 2008 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
12:17:55.0375 2008 hkmsvc - ok
12:17:55.0390 2008 hpn - ok
12:17:55.0421 2008 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
12:17:55.0421 2008 HTTP - ok
12:17:55.0453 2008 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
12:17:55.0453 2008 HTTPFilter - ok
12:17:55.0468 2008 i2omgmt - ok
12:17:55.0468 2008 i2omp - ok
12:17:55.0484 2008 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:17:55.0484 2008 i8042prt - ok
12:17:55.0562 2008 idsvc (ea7267505149b3a10df32506a4e4e412) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:17:55.0578 2008 idsvc - ok
12:17:55.0640 2008 IJPLMSVC (755519f49906b73c1fe9cbbf75e347ea) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
12:17:55.0640 2008 IJPLMSVC - ok
12:17:55.0656 2008 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:17:55.0656 2008 Imapi - ok
12:17:55.0656 2008 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
12:17:55.0671 2008 ImapiService - ok
12:17:55.0687 2008 ini910u - ok
12:17:55.0703 2008 IntelIde - ok
12:17:55.0703 2008 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:17:55.0703 2008 Ip6Fw - ok
12:17:55.0718 2008 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:17:55.0718 2008 IpFilterDriver - ok
12:17:55.0734 2008 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:17:55.0734 2008 IpInIp - ok
12:17:55.0750 2008 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:17:55.0750 2008 IpNat - ok
12:17:55.0781 2008 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:17:55.0781 2008 IPSec - ok
12:17:55.0796 2008 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:17:55.0796 2008 IRENUM - ok
12:17:55.0828 2008 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:17:55.0828 2008 isapnp - ok
12:17:55.0906 2008 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
12:17:55.0921 2008 JavaQuickStarterService - ok
12:17:55.0953 2008 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:17:55.0953 2008 Kbdclass - ok
12:17:55.0984 2008 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:17:55.0984 2008 kmixer - ok
12:17:56.0000 2008 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
12:17:56.0000 2008 KSecDD - ok
12:17:56.0046 2008 LanmanServer (21920ac69594ab021237054fa728fe46) C:\WINDOWS\System32\srvsvc.dll
12:17:56.0046 2008 LanmanServer - ok
12:17:56.0078 2008 lanmanworkstation (5190783f51a2d7a8495202c664d7c963) C:\WINDOWS\System32\wkssvc.dll
12:17:56.0093 2008 lanmanworkstation - ok
12:17:56.0093 2008 lbrtfdc - ok
12:17:56.0109 2008 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
12:17:56.0125 2008 LmHosts - ok
12:17:56.0218 2008 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:17:56.0265 2008 MDM - ok
12:17:56.0296 2008 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
12:17:56.0296 2008 Messenger - ok
12:17:56.0343 2008 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:17:56.0343 2008 mnmdd - ok
12:17:56.0375 2008 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
12:17:56.0375 2008 mnmsrvc - ok
12:17:56.0375 2008 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
12:17:56.0375 2008 Modem - ok
12:17:56.0406 2008 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:17:56.0406 2008 Mouclass - ok
12:17:56.0421 2008 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:17:56.0421 2008 mouhid - ok
12:17:56.0421 2008 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:17:56.0421 2008 MountMgr - ok
12:17:56.0437 2008 mraid35x - ok
12:17:56.0453 2008 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:17:56.0453 2008 MRxDAV - ok
12:17:56.0468 2008 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:17:56.0468 2008 MRxSmb - ok
12:17:56.0515 2008 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
12:17:56.0515 2008 MSDTC - ok
12:17:56.0531 2008 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:17:56.0531 2008 Msfs - ok
12:17:56.0531 2008 MSIServer - ok
12:17:56.0562 2008 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:17:56.0562 2008 MSKSSRV - ok
12:17:56.0562 2008 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:17:56.0562 2008 MSPCLOCK - ok
12:17:56.0578 2008 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:17:56.0578 2008 MSPQM - ok
12:17:56.0593 2008 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:17:56.0593 2008 mssmbios - ok
12:17:56.0609 2008 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
12:17:56.0609 2008 MSTEE - ok
12:17:56.0625 2008 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
12:17:56.0625 2008 Mup - ok
12:17:56.0640 2008 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:17:56.0640 2008 NABTSFEC - ok
12:17:56.0656 2008 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
12:17:56.0671 2008 napagent - ok
12:17:56.0687 2008 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:17:56.0703 2008 NDIS - ok
12:17:56.0734 2008 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:17:56.0734 2008 NdisIP - ok
12:17:56.0750 2008 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:17:56.0750 2008 NdisTapi - ok
12:17:56.0765 2008 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:17:56.0765 2008 Ndisuio - ok
12:17:56.0781 2008 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:17:56.0781 2008 NdisWan - ok
12:17:56.0796 2008 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
12:17:56.0796 2008 NDProxy - ok
12:17:56.0890 2008 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
12:17:56.0906 2008 Nero BackItUp Scheduler 3 - ok
12:17:56.0921 2008 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:17:56.0921 2008 NetBIOS - ok
12:17:56.0937 2008 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:17:56.0937 2008 NetBT - ok
12:17:56.0953 2008 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
12:17:56.0968 2008 NetDDE - ok
12:17:56.0968 2008 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
12:17:56.0968 2008 NetDDEdsdm - ok
12:17:57.0000 2008 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:17:57.0000 2008 Netlogon - ok
12:17:57.0015 2008 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
12:17:57.0046 2008 Netman - ok
12:17:57.0156 2008 NetTcpPortSharing (8070bb07fe06de8b9acb29b07016a273) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:17:57.0156 2008 NetTcpPortSharing - ok
12:17:57.0187 2008 Nla (aac97dab5f8a0573cf10e0eac42a7724) C:\WINDOWS\System32\mswsock.dll
12:17:57.0234 2008 Nla - ok
12:17:57.0296 2008 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
12:17:57.0312 2008 NMIndexingService - ok
12:17:57.0359 2008 nmwcd (b0a67de1a128389aea4d42c5a56215fd) C:\WINDOWS\system32\drivers\ccdcmb.sys
12:17:57.0375 2008 nmwcd - ok
12:17:57.0406 2008 npf (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
12:17:57.0406 2008 npf - ok
12:17:57.0406 2008 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:17:57.0406 2008 Npfs - ok
12:17:57.0453 2008 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:17:57.0453 2008 Ntfs - ok
12:17:57.0453 2008 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:17:57.0453 2008 NtLmSsp - ok
12:17:57.0484 2008 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
12:17:57.0515 2008 NtmsSvc - ok
12:17:57.0546 2008 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:17:57.0546 2008 Null - ok
12:17:57.0546 2008 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:17:57.0546 2008 NwlnkFlt - ok
12:17:57.0562 2008 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:17:57.0562 2008 NwlnkFwd - ok
12:17:57.0609 2008 PAC7302 (ad66bc56dd6a030174c03395b3dc0720) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
12:17:57.0625 2008 PAC7302 - ok
12:17:57.0640 2008 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
12:17:57.0640 2008 Parport - ok
12:17:57.0640 2008 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:17:57.0640 2008 PartMgr - ok
12:17:57.0671 2008 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:17:57.0671 2008 ParVdm - ok
12:17:57.0687 2008 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
12:17:57.0687 2008 PCI - ok
12:17:57.0703 2008 PCIDump - ok
12:17:57.0703 2008 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:17:57.0718 2008 PCIIde - ok
12:17:57.0734 2008 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:17:57.0734 2008 Pcmcia - ok
12:17:57.0734 2008 PDCOMP - ok
12:17:57.0750 2008 PDFRAME - ok
12:17:57.0750 2008 PDRELI - ok
12:17:57.0765 2008 PDRFRAME - ok
12:17:57.0765 2008 perc2 - ok
12:17:57.0765 2008 perc2hib - ok
12:17:57.0828 2008 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\WINDOWS\system32\IoctlSvc.exe
12:17:57.0828 2008 PLFlash DeviceIoControl Service - ok
12:17:57.0859 2008 PlugPlay (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
12:17:57.0859 2008 PlugPlay - ok
12:17:57.0859 2008 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:17:57.0859 2008 PolicyAgent - ok
12:17:57.0875 2008 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:17:57.0875 2008 PptpMiniport - ok
12:17:57.0890 2008 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
12:17:57.0906 2008 Processor - ok
12:17:57.0906 2008 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:17:57.0906 2008 ProtectedStorage - ok
12:17:57.0906 2008 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:17:57.0906 2008 PSched - ok
12:17:57.0937 2008 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:17:57.0937 2008 Ptilink - ok
12:17:57.0937 2008 ql1080 - ok
12:17:57.0953 2008 Ql10wnt - ok
12:17:57.0953 2008 ql12160 - ok
12:17:57.0953 2008 ql1240 - ok
12:17:57.0968 2008 ql1280 - ok
12:17:57.0984 2008 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:17:57.0984 2008 RasAcd - ok
12:17:58.0000 2008 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
12:17:58.0015 2008 RasAuto - ok
12:17:58.0015 2008 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:17:58.0015 2008 Rasl2tp - ok
12:17:58.0046 2008 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
12:17:58.0078 2008 RasMan - ok
12:17:58.0078 2008 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:17:58.0093 2008 RasPppoe - ok
12:17:58.0093 2008 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:17:58.0093 2008 Raspti - ok
12:17:58.0109 2008 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:17:58.0109 2008 Rdbss - ok
12:17:58.0125 2008 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:17:58.0125 2008 RDPCDD - ok
12:17:58.0171 2008 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:17:58.0171 2008 rdpdr - ok
12:17:58.0187 2008 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
12:17:58.0187 2008 RDPWD - ok
12:17:58.0203 2008 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
12:17:58.0218 2008 RDSessMgr - ok
12:17:58.0234 2008 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:17:58.0234 2008 redbook - ok
12:17:58.0250 2008 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
12:17:58.0265 2008 RemoteAccess - ok
12:17:58.0281 2008 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
12:17:58.0281 2008 RemoteRegistry - ok
12:17:58.0328 2008 ResultBar Service - ok
12:17:58.0343 2008 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
12:17:58.0359 2008 RpcLocator - ok
12:17:58.0375 2008 RpcSs (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
12:17:58.0390 2008 RpcSs - ok
12:17:58.0437 2008 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
12:17:58.0453 2008 RSVP - ok
12:17:58.0468 2008 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:17:58.0468 2008 SamSs - ok
12:17:58.0500 2008 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
12:17:58.0500 2008 SCardSvr - ok
12:17:58.0531 2008 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
12:17:58.0546 2008 Schedule - ok
12:17:58.0562 2008 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:17:58.0562 2008 Secdrv - ok
12:17:58.0562 2008 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
12:17:58.0578 2008 seclogon - ok
12:17:58.0593 2008 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
12:17:58.0593 2008 SENS - ok
12:17:58.0593 2008 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:17:58.0609 2008 serenum - ok
12:17:58.0609 2008 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
12:17:58.0609 2008 Serial - ok
12:17:58.0640 2008 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:17:58.0640 2008 Sfloppy - ok
12:17:58.0671 2008 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
12:17:58.0687 2008 SharedAccess - ok
12:17:58.0687 2008 ShellHWDetection (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
12:17:58.0703 2008 ShellHWDetection - ok
12:17:58.0703 2008 Simbad - ok
12:17:58.0734 2008 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:17:58.0734 2008 SLIP - ok
12:17:58.0750 2008 Sparrow - ok
12:17:58.0781 2008 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:17:58.0781 2008 splitter - ok
12:17:58.0781 2008 Spooler (cb1090bca0e7b40d0b5b4e4d66531809) C:\WINDOWS\system32\spoolsv.exe
12:17:58.0781 2008 Spooler - ok
12:17:58.0828 2008 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
12:17:58.0828 2008 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
12:17:58.0828 2008 sptd ( LockedFile.Multi.Generic ) - warning
12:17:58.0828 2008 sptd - detected LockedFile.Multi.Generic (1)
12:17:58.0875 2008 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
12:17:58.0875 2008 sr - ok
12:17:58.0890 2008 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
12:17:58.0890 2008 srservice - ok
12:17:58.0921 2008 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
12:17:58.0921 2008 Srv - ok
12:17:58.0937 2008 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
12:17:58.0937 2008 SSDPSRV - ok
12:17:58.0968 2008 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
12:17:59.0031 2008 stisvc - ok
12:17:59.0046 2008 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:17:59.0046 2008 streamip - ok
12:17:59.0078 2008 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:17:59.0078 2008 swenum - ok
12:17:59.0109 2008 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:17:59.0109 2008 swmidi - ok
12:17:59.0109 2008 SwPrv - ok
12:17:59.0109 2008 symc810 - ok
12:17:59.0125 2008 symc8xx - ok
12:17:59.0125 2008 sym_hi - ok
12:17:59.0140 2008 sym_u3 - ok
12:17:59.0156 2008 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:17:59.0156 2008 sysaudio - ok
12:17:59.0171 2008 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
12:17:59.0187 2008 SysmonLog - ok
12:17:59.0203 2008 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
12:17:59.0250 2008 TapiSrv - ok
12:17:59.0281 2008 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:17:59.0281 2008 Tcpip - ok
12:17:59.0312 2008 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:17:59.0312 2008 TDPIPE - ok
12:17:59.0328 2008 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:17:59.0328 2008 TDTCP - ok
12:17:59.0359 2008 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:17:59.0359 2008 TermDD - ok
12:17:59.0375 2008 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
12:17:59.0390 2008 TermService - ok
12:17:59.0406 2008 Themes (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
12:17:59.0406 2008 Themes - ok
12:17:59.0421 2008 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
12:17:59.0421 2008 TlntSvr - ok
12:17:59.0421 2008 TosIde - ok
12:17:59.0453 2008 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
12:17:59.0453 2008 TrkWks - ok
12:17:59.0468 2008 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:17:59.0468 2008 Udfs - ok
12:17:59.0468 2008 ultra - ok
12:17:59.0515 2008 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:17:59.0515 2008 Update - ok
12:17:59.0562 2008 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
12:17:59.0578 2008 upnphost - ok
12:17:59.0593 2008 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
12:17:59.0593 2008 UPS - ok
12:17:59.0625 2008 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:17:59.0625 2008 usbccgp - ok
12:17:59.0625 2008 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:17:59.0640 2008 usbehci - ok
12:17:59.0656 2008 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:17:59.0656 2008 usbhub - ok
12:17:59.0656 2008 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:17:59.0656 2008 usbprint - ok
12:17:59.0671 2008 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:17:59.0671 2008 usbscan - ok
12:17:59.0687 2008 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:17:59.0687 2008 USBSTOR - ok
12:17:59.0703 2008 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:17:59.0703 2008 usbuhci - ok
12:17:59.0703 2008 uxplb.sys - ok
12:17:59.0718 2008 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:17:59.0718 2008 VgaSave - ok
12:17:59.0718 2008 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:17:59.0718 2008 ViaIde - ok
12:17:59.0734 2008 videX32 (cbad598bb71ccc9f725ea042d7be4e35) C:\WINDOWS\system32\DRIVERS\videX32.sys
12:17:59.0734 2008 videX32 - ok
12:17:59.0750 2008 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
12:17:59.0750 2008 VolSnap - ok
12:17:59.0765 2008 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
12:17:59.0781 2008 VSS - ok
12:17:59.0796 2008 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
12:17:59.0843 2008 W32Time - ok
12:17:59.0859 2008 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:17:59.0859 2008 Wanarp - ok
12:17:59.0921 2008 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
12:17:59.0921 2008 Wdf01000 - ok
12:17:59.0921 2008 WDICA - ok
12:17:59.0968 2008 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:17:59.0968 2008 wdmaud - ok
12:18:00.0000 2008 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
12:18:00.0000 2008 WebClient - ok
12:18:00.0062 2008 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
12:18:00.0062 2008 WinDefend - ok
12:18:00.0109 2008 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:18:00.0109 2008 winmgmt - ok
12:18:00.0140 2008 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
12:18:00.0140 2008 WmdmPmSN - ok
12:18:00.0203 2008 Wmi (6538d6bde04b56737fe743c24d4ce83d) C:\WINDOWS\System32\advapi32.dll
12:18:00.0218 2008 Wmi - ok
12:18:00.0250 2008 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:18:00.0265 2008 WmiApSrv - ok
12:18:00.0312 2008 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:18:00.0343 2008 WMPNetworkSvc - ok
12:18:00.0390 2008 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:18:00.0390 2008 WpdUsb - ok
12:18:00.0421 2008 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
12:18:00.0421 2008 wscsvc - ok
12:18:00.0453 2008 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:18:00.0453 2008 WSTCODEC - ok
12:18:00.0484 2008 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
12:18:00.0484 2008 wuauserv - ok
12:18:00.0500 2008 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:18:00.0500 2008 WudfPf - ok
12:18:00.0515 2008 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:18:00.0515 2008 WudfRd - ok
12:18:00.0562 2008 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:18:00.0562 2008 WudfSvc - ok
12:18:00.0625 2008 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
12:18:00.0687 2008 WZCSVC - ok
12:18:00.0687 2008 xcpip - ok
12:18:00.0718 2008 xfilt (8b9d689780063bb988c3e9e791925dcf) C:\WINDOWS\system32\DRIVERS\xfilt.sys
12:18:00.0718 2008 xfilt - ok
12:18:00.0734 2008 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
12:18:00.0750 2008 xmlprov - ok
12:18:00.0750 2008 xpsec - ok
12:18:00.0781 2008 MBR (0x1B8) (0e1d60863e74698b6255deeb65261da6) \Device\Harddisk0\DR0
12:18:00.0781 2008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
12:18:00.0781 2008 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
12:18:00.0796 2008 Boot (0x1200) (f6a4ca433b7ea24442e549fa29cc159f) \Device\Harddisk0\DR0\Partition0
12:18:00.0796 2008 \Device\Harddisk0\DR0\Partition0 - ok
12:18:00.0812 2008 Boot (0x1200) (8c31f43fede5ad4dc8c118d4cbe9ffec) \Device\Harddisk0\DR0\Partition1
12:18:00.0812 2008 \Device\Harddisk0\DR0\Partition1 - ok
12:18:00.0812 2008 ============================================================
12:18:00.0812 2008 Scan finished
12:18:00.0812 2008 ============================================================
12:18:00.0828 2176 Detected object count: 2
12:18:00.0828 2176 Actual detected object count: 2
12:19:05.0703 2176 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:19:05.0703 2176 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:19:05.0906 2176 \Device\Harddisk0\DR0\# - copied to quarantine
12:19:05.0921 2176 \Device\Harddisk0\DR0 - copied to quarantine
12:19:05.0921 2176 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
12:19:05.0937 2176 \Device\Harddisk0\DR0 - ok
12:19:05.0937 2176 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

#12 Příspěvek od **JaRon** » 22 čer 2012 12:10

12:19:05.0906 2176 \Device\Harddisk0\DR0\# - copied to quarantine
12:19:05.0921 2176 \Device\Harddisk0\DR0 - copied to quarantine
12:19:05.0921 2176 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
12:19:05.0937 2176 \Device\Harddisk0\DR0 - ok
12:19:05.0937 2176 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

ked restartujes PC - vytvor novy log z TDSSKiller

kristyna91 · #13 Příspěvek od **kristyna91** » 22 čer 2012 12:21

Tady je nový log po restartu, co dál?
13:17:11.0562 3656 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
13:17:11.0734 3656 ============================================================
13:17:11.0734 3656 Current date / time: 2012/06/22 13:17:11.0734
13:17:11.0734 3656 SystemInfo:
13:17:11.0734 3656
13:17:11.0734 3656 OS Version: 5.1.2600 ServicePack: 3.0
13:17:11.0734 3656 Product type: Workstation
13:17:11.0734 3656 ComputerName: PC
13:17:11.0734 3656 UserName: uzivatelXP
13:17:11.0734 3656 Windows directory: C:\WINDOWS
13:17:11.0734 3656 System windows directory: C:\WINDOWS
13:17:11.0734 3656 Processor architecture: Intel x86
13:17:11.0734 3656 Number of processors: 2
13:17:11.0734 3656 Page size: 0x1000
13:17:11.0734 3656 Boot type: Normal boot
13:17:11.0734 3656 ============================================================
13:17:12.0984 3656 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:17:12.0984 3656 ============================================================
13:17:12.0984 3656 \Device\Harddisk0\DR0:
13:17:12.0984 3656 MBR partitions:
13:17:12.0984 3656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
13:17:12.0984 3656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x1701CC1B
13:17:12.0984 3656 ============================================================
13:17:13.0000 3656 C: <-> \Device\Harddisk0\DR0\Partition0
13:17:13.0031 3656 D: <-> \Device\Harddisk0\DR0\Partition1
13:17:13.0031 3656 ============================================================
13:17:13.0031 3656 Initialize success
13:17:13.0031 3656 ============================================================
13:17:16.0437 3760 ============================================================
13:17:16.0437 3760 Scan started
13:17:16.0437 3760 Mode: Manual;
13:17:16.0437 3760 ============================================================
13:17:17.0062 3760 Abiosdsk - ok
13:17:17.0078 3760 abp480n5 - ok
13:17:17.0109 3760 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:17:17.0109 3760 ACPI - ok
13:17:17.0140 3760 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:17:17.0140 3760 ACPIEC - ok
13:17:17.0140 3760 adpu160m - ok
13:17:17.0171 3760 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:17:17.0187 3760 aec - ok
13:17:17.0203 3760 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
13:17:17.0218 3760 AFD - ok
13:17:17.0234 3760 Aha154x - ok
13:17:17.0234 3760 aic78u2 - ok
13:17:17.0250 3760 aic78xx - ok
13:17:17.0453 3760 ALCXWDM (f3e15607ba53249c765e36388b332c2f) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
13:17:17.0609 3760 ALCXWDM - ok
13:17:18.0140 3760 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
13:17:18.0171 3760 Alerter - ok
13:17:18.0203 3760 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
13:17:18.0203 3760 ALG - ok
13:17:18.0218 3760 AliIde - ok
13:17:18.0218 3760 amsint - ok
13:17:18.0375 3760 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
13:17:18.0375 3760 AppMgmt - ok
13:17:18.0375 3760 asc - ok
13:17:18.0390 3760 asc3350p - ok
13:17:18.0390 3760 asc3550 - ok
13:17:18.0437 3760 aspnet_state (d33c507942299753868204cc7642fa27) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:17:18.0437 3760 aspnet_state - ok
13:17:18.0453 3760 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:17:18.0453 3760 AsyncMac - ok
13:17:18.0468 3760 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:17:18.0468 3760 atapi - ok
13:17:18.0468 3760 Atdisk - ok
13:17:18.0531 3760 Ati HotKey Poller (97991f053b599f7315122562a18d7921) C:\WINDOWS\system32\Ati2evxx.exe
13:17:18.0546 3760 Ati HotKey Poller - ok
13:17:18.0593 3760 ATI Smart (08be1463638df5d445a6e6fb139188b5) C:\WINDOWS\system32\ati2sgag.exe
13:17:18.0609 3760 ATI Smart - ok
13:17:18.0843 3760 ati2mtag (f06cfd54ad49c0621b40ebf063c46b08) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:17:18.0875 3760 ati2mtag - ok
13:17:18.0968 3760 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:17:18.0968 3760 Atmarpc - ok
13:17:19.0015 3760 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
13:17:19.0015 3760 AudioSrv - ok
13:17:19.0031 3760 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:17:19.0031 3760 audstub - ok
13:17:19.0312 3760 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
13:17:19.0421 3760 AVGIDSAgent - ok
13:17:19.0468 3760 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
13:17:19.0468 3760 AVGIDSDriver - ok
13:17:19.0484 3760 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
13:17:19.0484 3760 AVGIDSEH - ok
13:17:19.0500 3760 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
13:17:19.0500 3760 AVGIDSFilter - ok
13:17:19.0515 3760 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
13:17:19.0515 3760 AVGIDSShim - ok
13:17:19.0531 3760 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
13:17:19.0531 3760 Avgldx86 - ok
13:17:19.0531 3760 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
13:17:19.0546 3760 Avgmfx86 - ok
13:17:19.0578 3760 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
13:17:19.0578 3760 Avgrkx86 - ok
13:17:19.0609 3760 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
13:17:19.0609 3760 Avgtdix - ok
13:17:19.0656 3760 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
13:17:19.0703 3760 avgwd - ok
13:17:19.0703 3760 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:17:19.0703 3760 Beep - ok
13:17:19.0765 3760 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
13:17:19.0781 3760 BITS - ok
13:17:19.0812 3760 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
13:17:19.0812 3760 Browser - ok
13:17:19.0843 3760 CamSuiteVAC (e292176878f933e6a3cc46d6109ef1bb) C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys
13:17:19.0843 3760 CamSuiteVAC - ok
13:17:19.0875 3760 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:17:19.0875 3760 cbidf2k - ok
13:17:19.0890 3760 CCDECODE (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:17:19.0890 3760 CCDECODE - ok
13:17:19.0890 3760 cd20xrnt - ok
13:17:19.0906 3760 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:17:19.0921 3760 Cdaudio - ok
13:17:19.0921 3760 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:17:19.0921 3760 Cdfs - ok
13:17:19.0937 3760 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:17:19.0937 3760 Cdrom - ok
13:17:19.0937 3760 Changer - ok
13:17:19.0953 3760 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
13:17:19.0953 3760 CiSvc - ok
13:17:19.0968 3760 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
13:17:19.0968 3760 ClipSrv - ok
13:17:20.0015 3760 clr_optimization_v2.0.50727_32 (3c4d595e7f9b747325aef28b4adcaae5) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:17:20.0031 3760 clr_optimization_v2.0.50727_32 - ok
13:17:20.0031 3760 CmdIde - ok
13:17:20.0046 3760 COMSysApp - ok
13:17:20.0062 3760 Cpqarray - ok
13:17:20.0078 3760 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
13:17:20.0078 3760 CryptSvc - ok
13:17:20.0078 3760 dac2w2k - ok
13:17:20.0093 3760 dac960nt - ok
13:17:20.0140 3760 DcomLaunch (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
13:17:20.0156 3760 DcomLaunch - ok
13:17:20.0171 3760 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
13:17:20.0187 3760 Dhcp - ok
13:17:20.0187 3760 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:17:20.0187 3760 Disk - ok
13:17:20.0187 3760 dmadmin - ok
13:17:20.0250 3760 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:17:20.0296 3760 dmboot - ok
13:17:20.0328 3760 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:17:20.0343 3760 dmio - ok
13:17:20.0343 3760 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:17:20.0359 3760 dmload - ok
13:17:20.0375 3760 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
13:17:20.0375 3760 dmserver - ok
13:17:20.0406 3760 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:17:20.0406 3760 DMusic - ok
13:17:20.0421 3760 Dnscache (0634b791684b84f4a331f3d3536feef8) C:\WINDOWS\System32\dnsrslvr.dll
13:17:20.0421 3760 Dnscache - ok
13:17:20.0453 3760 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
13:17:20.0468 3760 Dot3svc - ok
13:17:20.0468 3760 dpti2o - ok
13:17:20.0484 3760 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:17:20.0484 3760 drmkaud - ok
13:17:20.0500 3760 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
13:17:20.0500 3760 EapHost - ok
13:17:20.0515 3760 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
13:17:20.0515 3760 ERSvc - ok
13:17:20.0531 3760 Eventlog (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
13:17:20.0531 3760 Eventlog - ok
13:17:20.0562 3760 EventSystem (260c69fd67687b0dc062fc3d31655857) C:\WINDOWS\system32\es.dll
13:17:20.0578 3760 EventSystem - ok
13:17:20.0578 3760 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:17:20.0578 3760 Fastfat - ok
13:17:20.0593 3760 FastUserSwitchingCompatibility (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
13:17:20.0593 3760 FastUserSwitchingCompatibility - ok
13:17:20.0640 3760 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:17:20.0640 3760 Fdc - ok
13:17:20.0671 3760 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
13:17:20.0671 3760 FETNDIS - ok
13:17:20.0671 3760 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:17:20.0671 3760 Fips - ok
13:17:20.0687 3760 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:17:20.0687 3760 Flpydisk - ok
13:17:20.0718 3760 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:17:20.0718 3760 FltMgr - ok
13:17:20.0812 3760 FontCache3.0.0.0 (facecf3f75baf3775a879d1168402270) C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:17:20.0812 3760 FontCache3.0.0.0 - ok
13:17:20.0828 3760 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:17:20.0828 3760 Fs_Rec - ok
13:17:20.0843 3760 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:17:20.0843 3760 Ftdisk - ok
13:17:20.0859 3760 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
13:17:20.0859 3760 gagp30kx - ok
13:17:20.0890 3760 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:17:20.0890 3760 Gpc - ok
13:17:20.0968 3760 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:17:20.0968 3760 gupdate - ok
13:17:20.0968 3760 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:17:20.0968 3760 gupdatem - ok
13:17:21.0000 3760 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:17:21.0000 3760 helpsvc - ok
13:17:21.0000 3760 HidServ - ok
13:17:21.0031 3760 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:17:21.0031 3760 hidusb - ok
13:17:21.0046 3760 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
13:17:21.0046 3760 hkmsvc - ok
13:17:21.0062 3760 hpn - ok
13:17:21.0093 3760 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
13:17:21.0109 3760 HTTP - ok
13:17:21.0140 3760 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
13:17:21.0140 3760 HTTPFilter - ok
13:17:21.0140 3760 i2omgmt - ok
13:17:21.0156 3760 i2omp - ok
13:17:21.0156 3760 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:17:21.0171 3760 i8042prt - ok
13:17:21.0234 3760 idsvc (ea7267505149b3a10df32506a4e4e412) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:17:21.0281 3760 idsvc - ok
13:17:21.0328 3760 IJPLMSVC (755519f49906b73c1fe9cbbf75e347ea) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
13:17:21.0328 3760 IJPLMSVC - ok
13:17:21.0359 3760 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:17:21.0359 3760 Imapi - ok
13:17:21.0375 3760 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
13:17:21.0390 3760 ImapiService - ok
13:17:21.0390 3760 ini910u - ok
13:17:21.0406 3760 IntelIde - ok
13:17:21.0421 3760 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:17:21.0421 3760 Ip6Fw - ok
13:17:21.0437 3760 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:17:21.0453 3760 IpFilterDriver - ok
13:17:21.0468 3760 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:17:21.0468 3760 IpInIp - ok
13:17:21.0468 3760 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:17:21.0515 3760 IpNat - ok
13:17:21.0531 3760 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:17:21.0531 3760 IPSec - ok
13:17:21.0562 3760 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:17:21.0562 3760 IRENUM - ok
13:17:21.0593 3760 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:17:21.0593 3760 isapnp - ok
13:17:21.0671 3760 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
13:17:21.0671 3760 JavaQuickStarterService - ok
13:17:21.0734 3760 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:17:21.0734 3760 Kbdclass - ok
13:17:21.0765 3760 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:17:21.0765 3760 kmixer - ok
13:17:21.0796 3760 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
13:17:21.0796 3760 KSecDD - ok
13:17:21.0828 3760 LanmanServer (21920ac69594ab021237054fa728fe46) C:\WINDOWS\System32\srvsvc.dll
13:17:21.0843 3760 LanmanServer - ok
13:17:21.0859 3760 lanmanworkstation (5190783f51a2d7a8495202c664d7c963) C:\WINDOWS\System32\wkssvc.dll
13:17:21.0859 3760 lanmanworkstation - ok
13:17:21.0859 3760 lbrtfdc - ok
13:17:21.0906 3760 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
13:17:21.0906 3760 LmHosts - ok
13:17:21.0937 3760 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:17:21.0984 3760 MDM - ok
13:17:22.0000 3760 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
13:17:22.0015 3760 Messenger - ok
13:17:22.0062 3760 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:17:22.0062 3760 mnmdd - ok
13:17:22.0093 3760 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
13:17:22.0093 3760 mnmsrvc - ok
13:17:22.0093 3760 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:17:22.0093 3760 Modem - ok
13:17:22.0109 3760 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:17:22.0109 3760 Mouclass - ok
13:17:22.0140 3760 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:17:22.0140 3760 mouhid - ok
13:17:22.0140 3760 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:17:22.0140 3760 MountMgr - ok
13:17:22.0156 3760 mraid35x - ok
13:17:22.0156 3760 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:17:22.0171 3760 MRxDAV - ok
13:17:22.0203 3760 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:17:22.0250 3760 MRxSmb - ok
13:17:22.0265 3760 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
13:17:22.0265 3760 MSDTC - ok
13:17:22.0281 3760 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:17:22.0281 3760 Msfs - ok
13:17:22.0281 3760 MSIServer - ok
13:17:22.0312 3760 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:17:22.0312 3760 MSKSSRV - ok
13:17:22.0312 3760 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:17:22.0312 3760 MSPCLOCK - ok
13:17:22.0328 3760 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:17:22.0328 3760 MSPQM - ok
13:17:22.0343 3760 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:17:22.0343 3760 mssmbios - ok
13:17:22.0359 3760 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
13:17:22.0359 3760 MSTEE - ok
13:17:22.0375 3760 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
13:17:22.0375 3760 Mup - ok
13:17:22.0390 3760 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:17:22.0390 3760 NABTSFEC - ok
13:17:22.0421 3760 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
13:17:22.0437 3760 napagent - ok
13:17:22.0453 3760 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:17:22.0468 3760 NDIS - ok
13:17:22.0484 3760 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:17:22.0484 3760 NdisIP - ok
13:17:22.0484 3760 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:17:22.0484 3760 NdisTapi - ok
13:17:22.0500 3760 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:17:22.0500 3760 Ndisuio - ok
13:17:22.0515 3760 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:17:22.0515 3760 NdisWan - ok
13:17:22.0531 3760 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
13:17:22.0531 3760 NDProxy - ok
13:17:22.0656 3760 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
13:17:22.0671 3760 Nero BackItUp Scheduler 3 - ok
13:17:22.0671 3760 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:17:22.0671 3760 NetBIOS - ok
13:17:22.0687 3760 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:17:22.0703 3760 NetBT - ok
13:17:22.0718 3760 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:17:22.0718 3760 NetDDE - ok
13:17:22.0734 3760 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:17:22.0734 3760 NetDDEdsdm - ok
13:17:22.0765 3760 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:17:22.0765 3760 Netlogon - ok
13:17:22.0781 3760 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
13:17:22.0812 3760 Netman - ok
13:17:22.0921 3760 NetTcpPortSharing (8070bb07fe06de8b9acb29b07016a273) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:17:22.0921 3760 NetTcpPortSharing - ok
13:17:22.0953 3760 Nla (aac97dab5f8a0573cf10e0eac42a7724) C:\WINDOWS\System32\mswsock.dll
13:17:23.0000 3760 Nla - ok
13:17:23.0046 3760 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
13:17:23.0062 3760 NMIndexingService - ok
13:17:23.0093 3760 nmwcd (b0a67de1a128389aea4d42c5a56215fd) C:\WINDOWS\system32\drivers\ccdcmb.sys
13:17:23.0093 3760 nmwcd - ok
13:17:23.0125 3760 npf (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
13:17:23.0140 3760 npf - ok
13:17:23.0140 3760 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:17:23.0156 3760 Npfs - ok
13:17:23.0187 3760 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:17:23.0218 3760 Ntfs - ok
13:17:23.0234 3760 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:17:23.0234 3760 NtLmSsp - ok
13:17:23.0265 3760 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
13:17:23.0281 3760 NtmsSvc - ok
13:17:23.0312 3760 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:17:23.0312 3760 Null - ok
13:17:23.0312 3760 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:17:23.0312 3760 NwlnkFlt - ok
13:17:23.0328 3760 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:17:23.0328 3760 NwlnkFwd - ok
13:17:23.0375 3760 PAC7302 (ad66bc56dd6a030174c03395b3dc0720) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
13:17:23.0406 3760 PAC7302 - ok
13:17:23.0406 3760 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
13:17:23.0421 3760 Parport - ok
13:17:23.0421 3760 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:17:23.0421 3760 PartMgr - ok
13:17:23.0437 3760 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:17:23.0437 3760 ParVdm - ok
13:17:23.0453 3760 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:17:23.0453 3760 PCI - ok
13:17:23.0468 3760 PCIDump - ok
13:17:23.0468 3760 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:17:23.0484 3760 PCIIde - ok
13:17:23.0500 3760 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:17:23.0515 3760 Pcmcia - ok
13:17:23.0515 3760 PDCOMP - ok
13:17:23.0531 3760 PDFRAME - ok
13:17:23.0531 3760 PDRELI - ok
13:17:23.0546 3760 PDRFRAME - ok
13:17:23.0546 3760 perc2 - ok
13:17:23.0562 3760 perc2hib - ok
13:17:23.0593 3760 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\WINDOWS\system32\IoctlSvc.exe
13:17:23.0593 3760 PLFlash DeviceIoControl Service - ok
13:17:23.0656 3760 PlugPlay (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
13:17:23.0656 3760 PlugPlay - ok
13:17:23.0656 3760 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:17:23.0656 3760 PolicyAgent - ok
13:17:23.0671 3760 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:17:23.0671 3760 PptpMiniport - ok
13:17:23.0687 3760 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:17:23.0687 3760 Processor - ok
13:17:23.0687 3760 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:17:23.0703 3760 ProtectedStorage - ok
13:17:23.0703 3760 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:17:23.0718 3760 PSched - ok
13:17:23.0734 3760 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:17:23.0734 3760 Ptilink - ok
13:17:23.0734 3760 ql1080 - ok
13:17:23.0750 3760 Ql10wnt - ok
13:17:23.0750 3760 ql12160 - ok
13:17:23.0765 3760 ql1240 - ok
13:17:23.0765 3760 ql1280 - ok
13:17:23.0781 3760 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:17:23.0781 3760 RasAcd - ok
13:17:23.0796 3760 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
13:17:23.0812 3760 RasAuto - ok
13:17:23.0812 3760 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:17:23.0812 3760 Rasl2tp - ok
13:17:23.0843 3760 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
13:17:23.0875 3760 RasMan - ok
13:17:23.0890 3760 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:17:23.0890 3760 RasPppoe - ok
13:17:23.0890 3760 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:17:23.0890 3760 Raspti - ok
13:17:23.0906 3760 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:17:23.0953 3760 Rdbss - ok
13:17:23.0953 3760 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:17:23.0953 3760 RDPCDD - ok
13:17:23.0984 3760 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:17:24.0000 3760 rdpdr - ok
13:17:24.0031 3760 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
13:17:24.0046 3760 RDPWD - ok
13:17:24.0062 3760 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
13:17:24.0078 3760 RDSessMgr - ok
13:17:24.0093 3760 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:17:24.0093 3760 redbook - ok
13:17:24.0109 3760 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
13:17:24.0109 3760 RemoteAccess - ok
13:17:24.0140 3760 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
13:17:24.0140 3760 RemoteRegistry - ok
13:17:24.0218 3760 ResultBar Service - ok
13:17:24.0234 3760 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
13:17:24.0234 3760 RpcLocator - ok
13:17:24.0281 3760 RpcSs (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
13:17:24.0281 3760 RpcSs - ok
13:17:24.0328 3760 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
13:17:24.0328 3760 RSVP - ok
13:17:24.0359 3760 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:17:24.0359 3760 SamSs - ok
13:17:24.0375 3760 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
13:17:24.0375 3760 SCardSvr - ok
13:17:24.0406 3760 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
13:17:24.0406 3760 Schedule - ok
13:17:24.0421 3760 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:17:24.0421 3760 Secdrv - ok
13:17:24.0437 3760 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
13:17:24.0437 3760 seclogon - ok
13:17:24.0468 3760 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
13:17:24.0484 3760 SENS - ok
13:17:24.0484 3760 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:17:24.0500 3760 serenum - ok
13:17:24.0500 3760 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
13:17:24.0500 3760 Serial - ok
13:17:24.0515 3760 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:17:24.0515 3760 Sfloppy - ok
13:17:24.0546 3760 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
13:17:24.0578 3760 SharedAccess - ok
13:17:24.0593 3760 ShellHWDetection (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
13:17:24.0593 3760 ShellHWDetection - ok
13:17:24.0593 3760 Simbad - ok
13:17:24.0640 3760 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:17:24.0640 3760 SLIP - ok
13:17:24.0640 3760 Sparrow - ok
13:17:24.0671 3760 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:17:24.0671 3760 splitter - ok
13:17:24.0687 3760 Spooler (cb1090bca0e7b40d0b5b4e4d66531809) C:\WINDOWS\system32\spoolsv.exe
13:17:24.0687 3760 Spooler - ok
13:17:24.0750 3760 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
13:17:24.0750 3760 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
13:17:24.0750 3760 sptd ( LockedFile.Multi.Generic ) - warning
13:17:24.0750 3760 sptd - detected LockedFile.Multi.Generic (1)
13:17:24.0781 3760 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:17:24.0781 3760 sr - ok
13:17:24.0796 3760 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
13:17:24.0812 3760 srservice - ok
13:17:24.0828 3760 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
13:17:24.0828 3760 Srv - ok
13:17:24.0843 3760 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
13:17:24.0843 3760 SSDPSRV - ok
13:17:24.0890 3760 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
13:17:24.0953 3760 stisvc - ok
13:17:24.0953 3760 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:17:24.0968 3760 streamip - ok
13:17:24.0984 3760 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:17:24.0984 3760 swenum - ok
13:17:25.0015 3760 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:17:25.0015 3760 swmidi - ok
13:17:25.0031 3760 SwPrv - ok
13:17:25.0031 3760 symc810 - ok
13:17:25.0031 3760 symc8xx - ok
13:17:25.0046 3760 sym_hi - ok
13:17:25.0046 3760 sym_u3 - ok
13:17:25.0062 3760 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:17:25.0062 3760 sysaudio - ok
13:17:25.0093 3760 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
13:17:25.0093 3760 SysmonLog - ok
13:17:25.0125 3760 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
13:17:25.0171 3760 TapiSrv - ok
13:17:25.0187 3760 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:17:25.0203 3760 Tcpip - ok
13:17:25.0218 3760 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:17:25.0234 3760 TDPIPE - ok
13:17:25.0234 3760 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:17:25.0250 3760 TDTCP - ok
13:17:25.0265 3760 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:17:25.0265 3760 TermDD - ok
13:17:25.0296 3760 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
13:17:25.0296 3760 TermService - ok
13:17:25.0328 3760 Themes (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
13:17:25.0328 3760 Themes - ok
13:17:25.0343 3760 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
13:17:25.0343 3760 TlntSvr - ok
13:17:25.0359 3760 TosIde - ok
13:17:25.0375 3760 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
13:17:25.0375 3760 TrkWks - ok
13:17:25.0406 3760 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:17:25.0406 3760 Udfs - ok
13:17:25.0406 3760 ultra - ok
13:17:25.0453 3760 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:17:25.0500 3760 Update - ok
13:17:25.0515 3760 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
13:17:25.0531 3760 upnphost - ok
13:17:25.0546 3760 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
13:17:25.0562 3760 UPS - ok
13:17:25.0578 3760 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:17:25.0578 3760 usbccgp - ok
13:17:25.0625 3760 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:17:25.0625 3760 usbehci - ok
13:17:25.0640 3760 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:17:25.0640 3760 usbhub - ok
13:17:25.0656 3760 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:17:25.0656 3760 usbprint - ok
13:17:25.0671 3760 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:17:25.0671 3760 usbscan - ok
13:17:25.0671 3760 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:17:25.0671 3760 USBSTOR - ok
13:17:25.0687 3760 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:17:25.0687 3760 usbuhci - ok
13:17:25.0703 3760 uxplb.sys - ok
13:17:25.0734 3760 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:17:25.0734 3760 VgaSave - ok
13:17:25.0750 3760 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
13:17:25.0750 3760 ViaIde - ok
13:17:25.0765 3760 videX32 (cbad598bb71ccc9f725ea042d7be4e35) C:\WINDOWS\system32\DRIVERS\videX32.sys
13:17:25.0765 3760 videX32 - ok
13:17:25.0765 3760 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:17:25.0765 3760 VolSnap - ok
13:17:25.0796 3760 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
13:17:25.0812 3760 VSS - ok
13:17:25.0828 3760 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
13:17:25.0859 3760 W32Time - ok
13:17:25.0875 3760 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:17:25.0875 3760 Wanarp - ok
13:17:25.0937 3760 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:17:25.0968 3760 Wdf01000 - ok
13:17:25.0968 3760 WDICA - ok
13:17:26.0000 3760 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:17:26.0000 3760 wdmaud - ok
13:17:26.0015 3760 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
13:17:26.0015 3760 WebClient - ok
13:17:26.0078 3760 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
13:17:26.0078 3760 WinDefend - ok
13:17:26.0109 3760 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:17:26.0125 3760 winmgmt - ok
13:17:26.0156 3760 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
13:17:26.0156 3760 WmdmPmSN - ok
13:17:26.0203 3760 Wmi (6538d6bde04b56737fe743c24d4ce83d) C:\WINDOWS\System32\advapi32.dll
13:17:26.0218 3760 Wmi - ok
13:17:26.0250 3760 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:17:26.0250 3760 WmiApSrv - ok
13:17:26.0312 3760 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:17:26.0343 3760 WMPNetworkSvc - ok
13:17:26.0390 3760 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:17:26.0390 3760 WpdUsb - ok
13:17:26.0421 3760 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
13:17:26.0421 3760 wscsvc - ok
13:17:26.0437 3760 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:17:26.0453 3760 WSTCODEC - ok
13:17:26.0468 3760 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
13:17:26.0468 3760 wuauserv - ok
13:17:26.0484 3760 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:17:26.0484 3760 WudfPf - ok
13:17:26.0515 3760 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:17:26.0515 3760 WudfRd - ok
13:17:26.0515 3760 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:17:26.0531 3760 WudfSvc - ok
13:17:26.0593 3760 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
13:17:26.0640 3760 WZCSVC - ok
13:17:26.0640 3760 xcpip - ok
13:17:26.0671 3760 xfilt (8b9d689780063bb988c3e9e791925dcf) C:\WINDOWS\system32\DRIVERS\xfilt.sys
13:17:26.0671 3760 xfilt - ok
13:17:26.0703 3760 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
13:17:26.0718 3760 xmlprov - ok
13:17:26.0718 3760 xpsec - ok
13:17:26.0750 3760 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:17:27.0046 3760 \Device\Harddisk0\DR0 - ok
13:17:27.0046 3760 Boot (0x1200) (f6a4ca433b7ea24442e549fa29cc159f) \Device\Harddisk0\DR0\Partition0
13:17:27.0062 3760 \Device\Harddisk0\DR0\Partition0 - ok
13:17:27.0078 3760 Boot (0x1200) (8c31f43fede5ad4dc8c118d4cbe9ffec) \Device\Harddisk0\DR0\Partition1
13:17:27.0078 3760 \Device\Harddisk0\DR0\Partition1 - ok
13:17:27.0078 3760 ============================================================
13:17:27.0078 3760 Scan finished
13:17:27.0078 3760 ============================================================
13:17:27.0093 3752 Detected object count: 1
13:17:27.0093 3752 Actual detected object count: 1
13:19:13.0468 3752 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:19:13.0468 3752 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

#14 Příspěvek od **JaRon** » 22 čer 2012 12:25

nuz dievcatko mas to ciste

1. citat:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

2. doporucujem sa zamysliet na zmenou AV >>> AVG je hodne slaby ,,,

kristyna91 · #15 Příspěvek od **kristyna91** » 22 čer 2012 12:37

Díiky moc, počítač mám čistý.

VIRY.CZ

AVG Anti virus - Trojský kůň

AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň

Re: AVG Anti virus - Trojský kůň