Avast hlásí rootkit v acpi.sys
Logfile of random's system information tool 1.09 (written by random/random)
Run by uživatel at 2013-01-03 16:52:20
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (22%) free of 76 GB
Total RAM: 767 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:52:28, on 3.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\uživatel.AMDX2\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60040
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... 3god5n8ANA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ppcb&s={searchTerms}&f=4
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing)
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Badoo Desktop] C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe
O4 - HKCU\..\Run: [GameXN GO] "C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GameXN\GameXNGO.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://tbedits.videodownloadconverter.c ... 22614&cv=2
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
--
End of file - 9182 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{19946800-5297-4F1C-AB0B-19F5B7CEEC0B}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll [2012-12-26 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2012-12-26 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll []
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2012-12-26 707728]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-12 37888]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-18 77824]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2003-06-25 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-11-08 188416]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2012-12-26 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe [2012-12-26 30096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"Badoo Desktop"=C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe []
"GameXN GO"=C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GameXN\GameXNGO.exe /startup []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-02 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Grand Prix 4\GP4.exe"="C:\Grand Prix 4\GP4.exe:*:Disabled:GP4"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\empires2.exe"="C:\empires2.exe:*:Enabled:Age of Empires II"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Program Files\Electronic Arts\Need for Speed Carbon\nfsc.exe"="C:\Program Files\Electronic Arts\Need for Speed Carbon\nfsc.exe:*:Enabled:nfsc"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Documents and Settings\uživatel.AMDX2\Plocha\MovieBario_FM.exe"="C:\Documents and Settings\uživatel.AMDX2\Plocha\MovieBario_FM.exe:*:Enabled:Facemoods Installer"
"C:\Documents and Settings\uživatel.AMDX2\Local Settings\Temp\Rar$EX20.125\Left 4 Dead 2\left4dead2.exe"="C:\Documents and Settings\uživatel.AMDX2\Local Settings\Temp\Rar$EX20.125\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\uživatel.AMDX2\Plocha\bulanci.exe"="C:\Documents and Settings\uživatel.AMDX2\Plocha\bulanci.exe:*:Enabled:bulanci"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Documents and Settings\uživatel.AMDX2\Plocha\hry\bulanci.exe"="C:\Documents and Settings\uživatel.AMDX2\Plocha\hry\bulanci.exe:*:Disabled:bulanci"
"C:\Documents and Settings\uživatel.AMDX2\Plocha\Age Of Empires 2 & The Conquerors(cz)no instal\age2_x1.exe"="C:\Documents and Settings\uživatel.AMDX2\Plocha\Age Of Empires 2 & The Conquerors(cz)no instal\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Norton\{NISADO-B185-4abb-B07C-C084B04B4F12}\Age Of Empires 2 & The Conquerors(cz)no instal\age2_x1.exe"="C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Norton\{NISADO-B185-4abb-B07C-C084B04B4F12}\Age Of Empires 2 & The Conquerors(cz)no instal\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Norton\{NISADO-B185-4abb-B07C-C084B04B4F12}\Age Of Empires 2 & The Conquerors(cz)no instal\empires2.exe"="C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Norton\{NISADO-B185-4abb-B07C-C084B04B4F12}\Age Of Empires 2 & The Conquerors(cz)no instal\empires2.exe:*:Enabled:Age of Empires II"
"C:\Program Files\Counter-Strike 1.6 Non-Steam\hl.exe"="C:\Program Files\Counter-Strike 1.6 Non-Steam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.vorbis"=vorbis.acm
======File associations======
.reg - open - "regedit.exe" "%1"
.scr - open - "%1" /S "%3"
======List of files/folders created in the last 1 month======
2013-01-03 16:47:17 ----D---- C:\Program Files\trend micro
2013-01-03 16:47:16 ----D---- C:\rsit
2013-01-02 18:05:09 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-01-02 18:05:08 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-01-02 18:05:05 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-01-02 18:05:04 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-01-02 18:05:04 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-01-02 18:05:03 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2013-01-02 18:05:03 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2013-01-02 18:05:02 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2013-01-02 18:04:18 ----A---- C:\WINDOWS\avastSS.scr
2013-01-02 18:04:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-01-02 18:03:57 ----D---- C:\Program Files\AVAST Software
2013-01-02 17:25:22 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avg7
2013-01-02 14:42:01 ----D---- C:\Program Files\Grisoft
2013-01-01 01:46:54 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
2012-12-31 15:17:22 ----D---- C:\Program Files\Cenega Czech
2012-12-26 20:41:55 ----D---- C:\Documents and Settings\uživatel.AMDX2\Data aplikací\PhotoFiltre Studio X
2012-12-26 20:41:46 ----D---- C:\Program Files\PhotoFiltre Studio X
2012-12-26 20:37:16 ----D---- C:\Documents and Settings\uživatel.AMDX2\Data aplikací\VideoDownloadConverter_4z
2012-12-26 20:35:42 ----D---- C:\Program Files\Video Download Converter
2012-12-26 20:35:00 ----D---- C:\Program Files\VideoDownloadConverter_4z
2012-12-21 15:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$
2012-12-13 17:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2012-12-13 17:27:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$
2012-12-13 17:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$
2012-12-13 17:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$
2012-12-13 17:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2012-12-09 09:36:02 ----A---- C:\WINDOWS\TextSpy.ini
2012-12-09 09:34:28 ----D---- C:\WINDOWS\Profiles
2012-12-09 09:34:24 ----D---- C:\Documents and Settings\uživatel.AMDX2\Data aplikací\InterTrust
2012-12-09 09:34:05 ----A---- C:\WINDOWS\IsUn0405.exe
2012-12-08 20:01:01 ----A---- C:\WINDOWS\system32\drivers\prodrv04.sys
2012-12-08 19:58:11 ----D---- C:\Documents and Settings\uživatel.AMDX2\Data aplikací\ubi.com
2012-12-08 19:56:27 ----D---- C:\Program Files\Red Storm Entertainment
======List of files/folders modified in the last 1 month======
2013-01-03 16:50:43 ----D---- C:\WINDOWS\Temp
2013-01-03 16:49:59 ----D---- C:\WINDOWS\Prefetch
2013-01-03 16:47:17 ----RD---- C:\Program Files
2013-01-03 16:42:20 ----D---- C:\WINDOWS
2013-01-03 16:41:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-03 16:40:43 ----AC---- C:\WINDOWS\WINCMD.INI
2013-01-03 16:32:45 ----D---- C:\WINDOWS\system32\drivers
2013-01-03 16:29:02 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-03 16:26:10 ----SD---- C:\WINDOWS\Tasks
2013-01-03 16:26:06 ----D---- C:\WINDOWS\system32
2013-01-02 18:04:49 ----SHD---- C:\WINDOWS\Installer
2013-01-02 18:04:49 ----HD---- C:\Config.Msi
2013-01-02 18:04:48 ----D---- C:\WINDOWS\WinSxS
2013-01-02 17:31:31 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton
2013-01-02 17:29:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Origin
2013-01-02 17:25:20 ----SD---- C:\Documents and Settings\uživatel.AMDX2\Data aplikací\Microsoft
2013-01-02 17:25:19 ----D---- C:\WINDOWS\system
2013-01-02 12:44:01 ----D---- C:\Program Files\Counter-Strike 1.6 Non-Steam
2013-01-02 09:57:50 ----D---- C:\Grand Prix 4
2013-01-01 10:36:26 ----A---- C:\AILog.txt
2013-01-01 01:57:09 ----D---- C:\Program Files\Google
2012-12-26 09:30:49 ----D---- C:\Program Files\Opera
2012-12-25 07:52:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-12-23 18:37:01 ----HD---- C:\WINDOWS\inf
2012-12-23 18:34:48 ----D---- C:\Program Files\Realtek
2012-12-23 18:25:13 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-23 17:59:37 ----D---- C:\WINDOWS\Network Diagnostic
2012-12-23 17:51:06 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-23 13:11:35 ----D---- C:\install
2012-12-23 13:07:50 ----D---- C:\Program Files\Image-Line
2012-12-23 13:04:33 ----D---- C:\Program Files\Microsoft Office
2012-12-23 13:02:34 ----D---- C:\Program Files\Common Files
2012-12-23 12:57:53 ----D---- C:\WINDOWS\SxsCaPendDel
2012-12-21 15:02:01 ----A---- C:\WINDOWS\imsins.BAK
2012-12-21 15:00:43 ----HD---- C:\WINDOWS\$hf_mig$
2012-12-16 13:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll
2012-12-13 17:26:08 ----D---- C:\Program Files\Internet Explorer
2012-12-13 17:25:54 ----D---- C:\WINDOWS\ie8updates
2012-12-13 17:18:02 ----A---- C:\WINDOWS\system32\MRT.exe
2012-12-09 09:35:06 ----D---- C:\Program Files\Common Files\Adobe
2012-12-09 09:34:26 ----RSD---- C:\WINDOWS\Fonts
2012-12-09 09:34:24 ----D---- C:\WINDOWS\system32\Adobe
2012-12-09 09:34:24 ----D---- C:\Program Files\Adobe
2012-12-04 17:57:18 ----D---- C:\WINDOWS\Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-14 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\prodrv04.sys [2012-12-08 114496]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-11-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-11-27 177152]
S3 a5scgvoq;a5scgvoq; C:\WINDOWS\system32\drivers\a5scgvoq.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features; C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS [2009-02-16 28800]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-02 598016]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-01 136176]
S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2012-12-26 42504]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-09 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-01 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravim a pekny podvecer preji 
Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.
Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.
- Utilitu spustte a prikazte ji, at skenuje - klik na Scan
- Kliknutim na Save log ulozte log aswMBR na plochu
- Obsah logu aswMBR mi sem vlozte
Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
- Ulozte nejlepe na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Report
- Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- Kliknete na volbu Change parametrs
- V okne Additional Option zakliknete vsechny moznosti
- Kliknete na OK
- Utilite prikazte, at skenuje - klik na Start Scan
- Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
- Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
- Pokud mate vsude Skip, kliknete na Continue
- Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 17:00:50
-----------------------------
17:00:50.437 OS Version: Windows 5.1.2600 Service Pack 3
17:00:50.437 Number of processors: 2 586 0x6B02
17:00:50.437 ComputerName: AMDX2 UserName:
17:00:52.046 Initialize success
17:00:53.515 AVAST engine defs: 13010300
17:01:06.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:01:06.984 Disk 0 Vendor: ST380013AS 3.05 Size: 76318MB BusType: 3
17:01:07.000 Disk 0 MBR read successfully
17:01:07.000 Disk 0 MBR scan
17:01:07.000 Disk 0 Windows XP default MBR code
17:01:07.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
17:01:07.000 Disk 0 scanning sectors +156280320
17:01:07.062 Disk 0 scanning C:\WINDOWS\system32\drivers
17:01:10.265 File: C:\WINDOWS\system32\drivers\acpi.sys **INFECTED** Win32:RLoader-B
17:01:17.125 Disk 0 trace - called modules:
17:01:17.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys >>UNKNOWN [0x839ec329]<<
17:01:17.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83ad9ab8]
17:01:17.125 3 CLASSPNP.SYS[f769cfd7] -> nt!IofCallDriver -> \Device\0000006c[0x83b21510]
17:01:17.140 5 ACPI.sys[f7428620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83b1c940]
17:01:17.578 AVAST engine scan C:\WINDOWS
17:01:31.171 AVAST engine scan C:\WINDOWS\system32
17:04:00.640 AVAST engine scan C:\WINDOWS\system32\drivers
17:04:03.890 File: C:\WINDOWS\system32\drivers\acpi.sys **INFECTED** Win32:RLoader-B
17:04:14.687 AVAST engine scan C:\Documents and Settings\uživatel.AMDX2
17:33:09.796 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
17:36:02.171 Scan finished successfully
17:36:11.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\uživatel.AMDX2\Dokumenty\MBR.dat"
17:36:12.000 The log file has been saved successfully to "C:\Documents and Settings\uživatel.AMDX2\Dokumenty\aswMBR.txt"
Run date: 2013-01-03 17:00:50
-----------------------------
17:00:50.437 OS Version: Windows 5.1.2600 Service Pack 3
17:00:50.437 Number of processors: 2 586 0x6B02
17:00:50.437 ComputerName: AMDX2 UserName:
17:00:52.046 Initialize success
17:00:53.515 AVAST engine defs: 13010300
17:01:06.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:01:06.984 Disk 0 Vendor: ST380013AS 3.05 Size: 76318MB BusType: 3
17:01:07.000 Disk 0 MBR read successfully
17:01:07.000 Disk 0 MBR scan
17:01:07.000 Disk 0 Windows XP default MBR code
17:01:07.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
17:01:07.000 Disk 0 scanning sectors +156280320
17:01:07.062 Disk 0 scanning C:\WINDOWS\system32\drivers
17:01:10.265 File: C:\WINDOWS\system32\drivers\acpi.sys **INFECTED** Win32:RLoader-B
17:01:17.125 Disk 0 trace - called modules:
17:01:17.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys >>UNKNOWN [0x839ec329]<<
17:01:17.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83ad9ab8]
17:01:17.125 3 CLASSPNP.SYS[f769cfd7] -> nt!IofCallDriver -> \Device\0000006c[0x83b21510]
17:01:17.140 5 ACPI.sys[f7428620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83b1c940]
17:01:17.578 AVAST engine scan C:\WINDOWS
17:01:31.171 AVAST engine scan C:\WINDOWS\system32
17:04:00.640 AVAST engine scan C:\WINDOWS\system32\drivers
17:04:03.890 File: C:\WINDOWS\system32\drivers\acpi.sys **INFECTED** Win32:RLoader-B
17:04:14.687 AVAST engine scan C:\Documents and Settings\uživatel.AMDX2
17:33:09.796 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
17:36:02.171 Scan finished successfully
17:36:11.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\uživatel.AMDX2\Dokumenty\MBR.dat"
17:36:12.000 The log file has been saved successfully to "C:\Documents and Settings\uživatel.AMDX2\Dokumenty\aswMBR.txt"
Re: Prosím o kontrolu logu
Kód: Vybrat vše
MBRScan v1.1.1
OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 107 Stepping 2, AuthenticAMD
BOOT : Normal Boot
DATE : 2013/01/03 (ISO 8601) at 17:38:05
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __ST380013AS (3.05)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 74.53 Go [Fixed] ==> XP MBR Code
MBR_MD5 : FF7A191040B4C686814530567ED545AA
MBR_SHA1 : 43C91C256522A6BF613E87FCB57A326408120B41
Device\Harddisk0\Partition1 74.52 Go 0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xA5F52000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF7BAA000
SIZE : 8.0 Ko
DRIVER : C:\DOCUME~1\UIVATE~1.AMD\LOCALS~1\Temp\aswMBR.sys => Invisible on the disk
ADDRESS : 0xA3302000
SIZE : 48.0 Ko
SystemStartOptions : FASTDETECT USEPMTIMER NOEXECUTE=OPTIN
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3À.м.|ûP.P.ü¾.|
0x00000010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ¿..PW¹å.ó¤Ë½¾.±.
0x00000020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..Å.âôÍ..õ
0x00000030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B .Æ.It.8,tö.µ.´..
0x00000040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ð¬<.tü»..´.Í.ëò.
0x00000050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N.èF.s*þF..~..t.
0x00000060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t..¶.uÒ.F...
0x00000070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V..è!.s..¶.ë
0x00000080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ¼.>þ}Uªt..~..tÈ.
0x00000090 B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56 ·.ë©.ü.W.õË¿...V
0x000000A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .´.Í.r#.Á$?..Þ.ü
0x000000B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s.¸..».|
0x000000D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V.Í.sQOtN2ä.
0x000000E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V.Í.ëä.V.`»ªU´AÍ
0x000000F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6.ûUªu0öÁ.t+a`
0x00000100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j
0x00000110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j.´B.ôÍ.aas.Ot.
0x00000120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C 2ä.V.Í.ëÖaùÃNepl
0x00000130 61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64 atn. tabulka odd
0x00000140 A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61 ¡l..Chyba pýi na
0x00000150 9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68 .¡t.n¡ opera.n¡h
0x00000160 6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F o syst.mu.Opera.
0x00000170 6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65 n¡ syst.m nenale
0x00000180 7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 zen.............
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 6A 77 95 56 B8 00 00 80 01 .....,Djw.V¸....
0x000001C0 01 00 07 FE FF FF 3F 00 00 00 C1 A5 50 09 00 00 ...þ..?...Á¥P...
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
Re: Prosím o kontrolu logu
17:39:13.0921 2960 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:39:14.0453 2960 ============================================================
17:39:14.0453 2960 Current date / time: 2013/01/03 17:39:14.0453
17:39:14.0453 2960 SystemInfo:
17:39:14.0453 2960
17:39:14.0453 2960 OS Version: 5.1.2600 ServicePack: 3.0
17:39:14.0453 2960 Product type: Workstation
17:39:14.0453 2960 ComputerName: AMDX2
17:39:14.0453 2960 UserName: uživatel
17:39:14.0453 2960 Windows directory: C:\WINDOWS
17:39:14.0453 2960 System windows directory: C:\WINDOWS
17:39:14.0453 2960 Processor architecture: Intel x86
17:39:14.0453 2960 Number of processors: 2
17:39:14.0453 2960 Page size: 0x1000
17:39:14.0453 2960 Boot type: Normal boot
17:39:14.0453 2960 ============================================================
17:39:16.0156 2960 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:39:16.0156 2960 ============================================================
17:39:16.0156 2960 \Device\Harddisk0\DR0:
17:39:16.0156 2960 MBR partitions:
17:39:16.0156 2960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
17:39:16.0156 2960 ============================================================
17:39:16.0187 2960 C: <-> \Device\Harddisk0\DR0\Partition1
17:39:16.0187 2960 ============================================================
17:39:16.0187 2960 Initialize success
17:39:16.0187 2960 ============================================================
17:40:17.0531 1552 ============================================================
17:40:17.0531 1552 Scan started
17:40:17.0531 1552 Mode: Manual; SigCheck; TDLFS;
17:40:17.0531 1552 ============================================================
17:40:17.0781 1552 ================ Scan system memory ========================
17:40:17.0781 1552 System memory - ok
17:40:17.0781 1552 ================ Scan services =============================
17:40:17.0890 1552 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
17:40:18.0312 1552 Aavmker4 - ok
17:40:18.0312 1552 Abiosdsk - ok
17:40:18.0328 1552 abp480n5 - ok
17:40:18.0375 1552 [ C6E149975376BEDF572F81EDAE8FF0E4 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:40:18.0390 1552 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: C6E149975376BEDF572F81EDAE8FF0E4, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
17:40:18.0390 1552 ACPI ( Virus.Win32.Rloader.a ) - infected
17:40:18.0390 1552 ACPI - detected Virus.Win32.Rloader.a (0)
17:40:18.0421 1552 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:40:19.0312 1552 ACPIEC - ok
17:40:19.0328 1552 adpu160m - ok
17:40:19.0359 1552 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:40:19.0500 1552 aec - ok
17:40:19.0531 1552 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:40:19.0609 1552 AFD - ok
17:40:19.0609 1552 Aha154x - ok
17:40:19.0625 1552 aic78u2 - ok
17:40:19.0640 1552 aic78xx - ok
17:40:19.0656 1552 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:40:19.0796 1552 Alerter - ok
17:40:19.0828 1552 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:40:19.0890 1552 ALG - ok
17:40:19.0906 1552 AliIde - ok
17:40:19.0984 1552 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
17:40:20.0140 1552 Ambfilt - ok
17:40:20.0203 1552 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
17:40:20.0218 1552 amdide - ok
17:40:20.0234 1552 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
17:40:20.0281 1552 AmdPPM - ok
17:40:20.0296 1552 amsint - ok
17:40:20.0312 1552 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:40:20.0406 1552 AppMgmt - ok
17:40:20.0406 1552 asc - ok
17:40:20.0421 1552 asc3350p - ok
17:40:20.0421 1552 asc3550 - ok
17:40:20.0531 1552 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:40:20.0578 1552 aspnet_state - ok
17:40:20.0609 1552 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:40:20.0625 1552 aswFsBlk - ok
17:40:20.0671 1552 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
17:40:20.0687 1552 aswKbd - ok
17:40:20.0718 1552 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
17:40:20.0750 1552 aswMon2 - ok
17:40:20.0796 1552 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
17:40:20.0812 1552 AswRdr - ok
17:40:20.0843 1552 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
17:40:20.0906 1552 aswSnx - ok
17:40:20.0953 1552 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
17:40:21.0000 1552 aswSP - ok
17:40:21.0015 1552 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
17:40:21.0031 1552 aswTdi - ok
17:40:21.0062 1552 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:40:21.0203 1552 AsyncMac - ok
17:40:21.0250 1552 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:40:21.0390 1552 atapi - ok
17:40:21.0390 1552 Atdisk - ok
17:40:21.0453 1552 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:40:21.0578 1552 Ati HotKey Poller - ok
17:40:21.0625 1552 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
17:40:21.0718 1552 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:40:21.0718 1552 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:40:21.0859 1552 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:40:22.0140 1552 ati2mtag - ok
17:40:22.0171 1552 [ D9BC8892B9440A2551B8148C57AA039E ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
17:40:22.0203 1552 AtiHdmiService - ok
17:40:22.0234 1552 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:40:22.0390 1552 Atmarpc - ok
17:40:22.0406 1552 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:40:22.0562 1552 AudioSrv - ok
17:40:22.0609 1552 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:40:22.0750 1552 audstub - ok
17:40:22.0890 1552 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:40:22.0906 1552 avast! Antivirus - ok
17:40:22.0937 1552 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:40:23.0093 1552 Beep - ok
17:40:23.0156 1552 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:40:23.0437 1552 BITS - ok
17:40:23.0437 1552 Bonjour Service - ok
17:40:23.0468 1552 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:40:23.0531 1552 Browser - ok
17:40:23.0578 1552 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
17:40:23.0593 1552 Capture Device Service - ok
17:40:23.0625 1552 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:40:23.0781 1552 cbidf2k - ok
17:40:23.0796 1552 cd20xrnt - ok
17:40:23.0843 1552 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:40:23.0984 1552 Cdaudio - ok
17:40:24.0046 1552 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:40:24.0218 1552 Cdfs - ok
17:40:24.0265 1552 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:40:24.0421 1552 Cdrom - ok
17:40:24.0421 1552 Changer - ok
17:40:24.0453 1552 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:40:24.0593 1552 CiSvc - ok
17:40:24.0609 1552 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:40:24.0765 1552 ClipSrv - ok
17:40:24.0812 1552 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:40:24.0953 1552 clr_optimization_v2.0.50727_32 - ok
17:40:24.0953 1552 CmdIde - ok
17:40:24.0984 1552 COMSysApp - ok
17:40:25.0000 1552 Cpqarray - ok
17:40:25.0062 1552 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:40:25.0203 1552 CryptSvc - ok
17:40:25.0203 1552 dac2w2k - ok
17:40:25.0218 1552 dac960nt - ok
17:40:25.0265 1552 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:40:25.0390 1552 DcomLaunch - ok
17:40:25.0421 1552 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:40:25.0562 1552 Dhcp - ok
17:40:25.0578 1552 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:40:25.0734 1552 Disk - ok
17:40:25.0750 1552 dmadmin - ok
17:40:25.0796 1552 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:40:26.0015 1552 dmboot - ok
17:40:26.0046 1552 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:40:26.0218 1552 dmio - ok
17:40:26.0265 1552 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:40:26.0406 1552 dmload - ok
17:40:26.0421 1552 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:40:26.0562 1552 dmserver - ok
17:40:26.0593 1552 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:40:26.0750 1552 DMusic - ok
17:40:26.0765 1552 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:40:26.0859 1552 Dnscache - ok
17:40:26.0890 1552 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:40:27.0062 1552 Dot3svc - ok
17:40:27.0062 1552 dpti2o - ok
17:40:27.0093 1552 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:40:27.0234 1552 drmkaud - ok
17:40:27.0265 1552 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:40:27.0437 1552 EapHost - ok
17:40:27.0453 1552 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:40:27.0593 1552 ERSvc - ok
17:40:27.0625 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:40:27.0656 1552 Eventlog - ok
17:40:27.0687 1552 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:40:27.0734 1552 EventSystem - ok
17:40:27.0765 1552 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:40:27.0906 1552 Fastfat - ok
17:40:27.0937 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:40:28.0046 1552 FastUserSwitchingCompatibility - ok
17:40:28.0125 1552 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:40:28.0281 1552 Fdc - ok
17:40:28.0312 1552 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:40:28.0468 1552 Fips - ok
17:40:28.0515 1552 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:40:28.0593 1552 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:40:28.0593 1552 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:40:28.0609 1552 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:40:28.0781 1552 Flpydisk - ok
17:40:28.0828 1552 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:40:28.0968 1552 FltMgr - ok
17:40:29.0078 1552 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:40:29.0093 1552 FontCache3.0.0.0 - ok
17:40:29.0093 1552 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:40:29.0250 1552 Fs_Rec - ok
17:40:29.0281 1552 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:40:29.0421 1552 Ftdisk - ok
17:40:29.0453 1552 [ C6E3105B8C68C35CC1EB26A00FD1A8C6 ] gdrv C:\WINDOWS\gdrv.sys
17:40:30.0437 1552 gdrv - ok
17:40:30.0500 1552 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:40:30.0656 1552 Gpc - ok
17:40:30.0734 1552 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:30.0750 1552 gupdate - ok
17:40:30.0765 1552 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:30.0781 1552 gupdatem - ok
17:40:30.0828 1552 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:40:30.0984 1552 HDAudBus - ok
17:40:31.0046 1552 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:40:31.0218 1552 helpsvc - ok
17:40:31.0234 1552 HidServ - ok
17:40:31.0265 1552 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:40:31.0421 1552 HidUsb - ok
17:40:31.0468 1552 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:40:31.0625 1552 hkmsvc - ok
17:40:31.0640 1552 hpn - ok
17:40:31.0687 1552 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:40:31.0796 1552 HPZid412 - ok
17:40:31.0796 1552 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:40:31.0875 1552 HPZipr12 - ok
17:40:31.0921 1552 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:40:31.0984 1552 HPZius12 - ok
17:40:32.0062 1552 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:40:32.0093 1552 HTTP - ok
17:40:32.0156 1552 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:40:32.0328 1552 HTTPFilter - ok
17:40:32.0328 1552 i2omgmt - ok
17:40:32.0343 1552 i2omp - ok
17:40:32.0375 1552 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:40:32.0531 1552 i8042prt - ok
17:40:32.0640 1552 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:40:32.0703 1552 idsvc - ok
17:40:32.0718 1552 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:40:32.0890 1552 Imapi - ok
17:40:32.0921 1552 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:40:33.0078 1552 ImapiService - ok
17:40:33.0078 1552 ini910u - ok
17:40:33.0312 1552 [ 0CACDCBBC8E6F11E2865C47BFC509848 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:40:33.0687 1552 IntcAzAudAddService - ok
17:40:33.0703 1552 IntelIde - ok
17:40:33.0734 1552 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:40:33.0890 1552 Ip6Fw - ok
17:40:33.0906 1552 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:40:34.0078 1552 IpFilterDriver - ok
17:40:34.0109 1552 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:40:34.0250 1552 IpInIp - ok
17:40:34.0296 1552 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:40:34.0421 1552 IpNat - ok
17:40:34.0484 1552 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:40:34.0625 1552 IPSec - ok
17:40:34.0671 1552 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:40:34.0734 1552 IRENUM - ok
17:40:34.0765 1552 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:40:34.0906 1552 isapnp - ok
17:40:34.0937 1552 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:40:35.0093 1552 Kbdclass - ok
17:40:35.0125 1552 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:40:35.0265 1552 kbdhid - ok
17:40:35.0281 1552 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:40:35.0437 1552 kmixer - ok
17:40:35.0468 1552 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:40:35.0562 1552 KSecDD - ok
17:40:35.0609 1552 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:40:35.0656 1552 LanmanServer - ok
17:40:35.0687 1552 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:40:35.0750 1552 lanmanworkstation - ok
17:40:35.0765 1552 lbrtfdc - ok
17:40:35.0812 1552 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:40:35.0968 1552 LmHosts - ok
17:40:36.0296 1552 [ DABB24407D4EB8F1DF9F818683624176 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:40:36.0375 1552 LMIGuardianSvc - ok
17:40:36.0437 1552 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
17:40:36.0453 1552 LMIInfo - ok
17:40:36.0500 1552 [ 24597000FB888EE0558F24EC391732C4 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
17:40:36.0515 1552 LMIMaint - ok
17:40:36.0562 1552 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:40:36.0578 1552 lmimirr - ok
17:40:36.0578 1552 LMIRfsClientNP - ok
17:40:36.0625 1552 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:40:36.0640 1552 LMIRfsDriver - ok
17:40:36.0718 1552 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
17:40:36.0750 1552 LogMeIn - ok
17:40:36.0796 1552 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:40:36.0843 1552 MDM - ok
17:40:36.0859 1552 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:40:37.0031 1552 Messenger - ok
17:40:37.0093 1552 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:40:37.0234 1552 mnmdd - ok
17:40:37.0281 1552 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:40:37.0437 1552 mnmsrvc - ok
17:40:37.0453 1552 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:40:37.0609 1552 Modem - ok
17:40:37.0687 1552 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
17:40:37.0796 1552 Monfilt - ok
17:40:37.0859 1552 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:40:38.0046 1552 Mouclass - ok
17:40:38.0062 1552 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:40:38.0218 1552 mouhid - ok
17:40:38.0234 1552 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:40:38.0375 1552 MountMgr - ok
17:40:38.0390 1552 mraid35x - ok
17:40:38.0421 1552 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:40:38.0546 1552 MRxDAV - ok
17:40:38.0593 1552 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:40:38.0687 1552 MRxSmb - ok
17:40:38.0718 1552 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:40:38.0859 1552 MSDTC - ok
17:40:38.0875 1552 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:40:39.0031 1552 Msfs - ok
17:40:39.0031 1552 MSIServer - ok
17:40:39.0078 1552 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:40:39.0250 1552 MSKSSRV - ok
17:40:39.0281 1552 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:40:39.0421 1552 MSPCLOCK - ok
17:40:39.0453 1552 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:40:39.0593 1552 MSPQM - ok
17:40:39.0640 1552 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:40:39.0765 1552 mssmbios - ok
17:40:39.0781 1552 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:40:39.0843 1552 Mup - ok
17:40:39.0875 1552 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:40:40.0062 1552 napagent - ok
17:40:40.0093 1552 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:40:40.0234 1552 NDIS - ok
17:40:40.0265 1552 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:40:40.0312 1552 NdisTapi - ok
17:40:40.0343 1552 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:40:40.0500 1552 Ndisuio - ok
17:40:40.0531 1552 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:40:40.0656 1552 NdisWan - ok
17:40:40.0687 1552 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:40:40.0734 1552 NDProxy - ok
17:40:40.0781 1552 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:40:40.0953 1552 NetBIOS - ok
17:40:40.0984 1552 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:40:41.0140 1552 NetBT - ok
17:40:41.0187 1552 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:40:41.0328 1552 NetDDE - ok
17:40:41.0343 1552 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:40:41.0484 1552 NetDDEdsdm - ok
17:40:41.0515 1552 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:40:41.0671 1552 Netlogon - ok
17:40:41.0687 1552 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:40:41.0859 1552 Netman - ok
17:40:41.0890 1552 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:40:41.0906 1552 NetTcpPortSharing - ok
17:40:41.0953 1552 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:40:41.0984 1552 Nla - ok
17:40:41.0984 1552 NMSAccessU - ok
17:40:42.0031 1552 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:40:42.0171 1552 Npfs - ok
17:40:42.0203 1552 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:40:42.0421 1552 Ntfs - ok
17:40:42.0437 1552 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:40:42.0578 1552 NtLmSsp - ok
17:40:42.0625 1552 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:40:42.0796 1552 NtmsSvc - ok
17:40:42.0828 1552 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:40:42.0984 1552 Null - ok
17:40:43.0015 1552 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:40:43.0171 1552 NwlnkFlt - ok
17:40:43.0187 1552 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:40:43.0328 1552 NwlnkFwd - ok
17:40:43.0375 1552 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:40:43.0515 1552 Parport - ok
17:40:43.0531 1552 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:40:43.0671 1552 PartMgr - ok
17:40:43.0718 1552 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:40:43.0843 1552 ParVdm - ok
17:40:43.0890 1552 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:40:44.0062 1552 PCI - ok
17:40:44.0062 1552 PCIDump - ok
17:40:44.0093 1552 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:40:44.0234 1552 PCIIde - ok
17:40:44.0265 1552 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:40:44.0437 1552 Pcmcia - ok
17:40:44.0453 1552 PDCOMP - ok
17:40:44.0453 1552 PDFRAME - ok
17:40:44.0468 1552 PDRELI - ok
17:40:44.0484 1552 PDRFRAME - ok
17:40:44.0484 1552 perc2 - ok
17:40:44.0500 1552 perc2hib - ok
17:40:44.0531 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:40:44.0562 1552 PlugPlay - ok
17:40:44.0578 1552 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:40:44.0640 1552 Pml Driver HPZ12 - ok
17:40:44.0656 1552 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:40:44.0765 1552 PolicyAgent - ok
17:40:44.0781 1552 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:40:44.0953 1552 PptpMiniport - ok
17:40:45.0000 1552 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:40:45.0140 1552 Processor - ok
17:40:45.0187 1552 [ 4AA86B6F5FDF5ED32ADC723B0E5B052D ] prodrv04 C:\WINDOWS\System32\drivers\prodrv04.sys
17:40:45.0203 1552 prodrv04 ( UnsignedFile.Multi.Generic ) - warning
17:40:45.0203 1552 prodrv04 - detected UnsignedFile.Multi.Generic (1)
17:40:45.0203 1552 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:40:45.0359 1552 ProtectedStorage - ok
17:40:45.0375 1552 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:40:45.0531 1552 PSched - ok
17:40:45.0546 1552 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:40:45.0703 1552 Ptilink - ok
17:40:45.0765 1552 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:40:45.0781 1552 PxHelp20 - ok
17:40:45.0781 1552 ql1080 - ok
17:40:45.0796 1552 Ql10wnt - ok
17:40:45.0796 1552 ql12160 - ok
17:40:45.0812 1552 ql1240 - ok
17:40:45.0828 1552 ql1280 - ok
17:40:45.0843 1552 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:40:46.0000 1552 RasAcd - ok
17:40:46.0031 1552 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:40:46.0171 1552 RasAuto - ok
17:40:46.0203 1552 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:40:46.0359 1552 Rasl2tp - ok
17:40:46.0390 1552 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:40:46.0531 1552 RasMan - ok
17:40:46.0562 1552 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:40:46.0703 1552 RasPppoe - ok
17:40:46.0718 1552 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:40:46.0859 1552 Raspti - ok
17:40:46.0875 1552 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:40:47.0015 1552 Rdbss - ok
17:40:47.0031 1552 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:40:47.0187 1552 RDPCDD - ok
17:40:47.0250 1552 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:40:47.0390 1552 rdpdr - ok
17:40:47.0421 1552 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:40:47.0484 1552 RDPWD - ok
17:40:47.0515 1552 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:40:47.0671 1552 RDSessMgr - ok
17:40:47.0703 1552 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:40:47.0843 1552 redbook - ok
17:40:47.0859 1552 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:40:48.0031 1552 RemoteAccess - ok
17:40:48.0046 1552 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:40:48.0203 1552 RemoteRegistry - ok
17:40:48.0234 1552 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:40:48.0390 1552 RpcLocator - ok
17:40:48.0421 1552 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:40:48.0437 1552 RpcSs - ok
17:40:48.0484 1552 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:40:48.0640 1552 RSVP - ok
17:40:48.0671 1552 [ 6FC7DDF3B8D94FBA7AC664452D6478D4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:40:48.0796 1552 RTLE8023xp - ok
17:40:48.0843 1552 [ 9F6B9F66223B1265ED66D005D93E539D ] RTLTEAMING C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
17:40:48.0843 1552 RTLTEAMING ( UnsignedFile.Multi.Generic ) - warning
17:40:48.0843 1552 RTLTEAMING - detected UnsignedFile.Multi.Generic (1)
17:40:48.0875 1552 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:40:49.0015 1552 SamSs - ok
17:40:49.0062 1552 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:40:49.0234 1552 SCardSvr - ok
17:40:49.0281 1552 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:40:49.0437 1552 Schedule - ok
17:40:49.0453 1552 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:40:49.0531 1552 Secdrv - ok
17:40:49.0578 1552 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:40:49.0718 1552 seclogon - ok
17:40:49.0750 1552 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:40:49.0906 1552 SENS - ok
17:40:49.0921 1552 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:40:50.0062 1552 serenum - ok
17:40:50.0093 1552 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:40:50.0265 1552 Serial - ok
17:40:50.0296 1552 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:40:50.0421 1552 Sfloppy - ok
17:40:50.0453 1552 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:40:50.0609 1552 SharedAccess - ok
17:40:50.0625 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:40:50.0656 1552 ShellHWDetection - ok
17:40:50.0656 1552 Simbad - ok
17:40:50.0671 1552 Sparrow - ok
17:40:50.0703 1552 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:40:50.0828 1552 splitter - ok
17:40:50.0859 1552 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:40:50.0906 1552 Spooler - ok
17:40:50.0953 1552 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
17:40:50.0953 1552 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
17:40:50.0984 1552 sptd ( LockedFile.Multi.Generic ) - warning
17:40:50.0984 1552 sptd - detected LockedFile.Multi.Generic (1)
17:40:51.0015 1552 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:40:51.0062 1552 sr - ok
17:40:51.0109 1552 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:40:51.0171 1552 srservice - ok
17:40:51.0218 1552 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:40:51.0328 1552 Srv - ok
17:40:51.0359 1552 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:40:51.0437 1552 SSDPSRV - ok
17:40:51.0437 1552 Steam Client Service - ok
17:40:51.0484 1552 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:40:51.0625 1552 StillCam - ok
17:40:51.0687 1552 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:40:51.0890 1552 stisvc - ok
17:40:51.0906 1552 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:40:52.0046 1552 swenum - ok
17:40:52.0078 1552 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:40:52.0234 1552 swmidi - ok
17:40:52.0250 1552 SwPrv - ok
17:40:52.0250 1552 symc810 - ok
17:40:52.0265 1552 symc8xx - ok
17:40:52.0281 1552 sym_hi - ok
17:40:52.0281 1552 sym_u3 - ok
17:40:52.0328 1552 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:40:52.0484 1552 sysaudio - ok
17:40:52.0515 1552 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:40:52.0640 1552 SysmonLog - ok
17:40:52.0687 1552 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:40:52.0859 1552 TapiSrv - ok
17:40:52.0906 1552 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:40:52.0937 1552 Tcpip - ok
17:40:52.0968 1552 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:40:53.0140 1552 TDPIPE - ok
17:40:53.0171 1552 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:40:53.0312 1552 TDTCP - ok
17:40:53.0359 1552 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:40:53.0500 1552 TermDD - ok
17:40:53.0531 1552 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:40:53.0687 1552 TermService - ok
17:40:53.0703 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:40:53.0718 1552 Themes - ok
17:40:53.0750 1552 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:40:53.0812 1552 TlntSvr - ok
17:40:53.0812 1552 TosIde - ok
17:40:53.0843 1552 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:40:53.0984 1552 TrkWks - ok
17:40:54.0046 1552 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:40:54.0218 1552 Udfs - ok
17:40:54.0265 1552 [ 4BD2C322118A2470B450492A0C3302F9 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
17:40:54.0281 1552 UleadBurningHelper - ok
17:40:54.0312 1552 ultra - ok
17:40:54.0375 1552 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:40:54.0562 1552 Update - ok
17:40:54.0593 1552 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:40:54.0671 1552 upnphost - ok
17:40:54.0703 1552 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:40:54.0859 1552 UPS - ok
17:40:54.0921 1552 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:40:55.0062 1552 usbccgp - ok
17:40:55.0093 1552 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:40:55.0265 1552 usbehci - ok
17:40:55.0281 1552 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:40:55.0406 1552 usbhub - ok
17:40:55.0453 1552 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:40:55.0609 1552 usbohci - ok
17:40:55.0640 1552 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:40:55.0781 1552 usbprint - ok
17:40:55.0828 1552 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:40:55.0968 1552 usbscan - ok
17:40:56.0015 1552 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:40:56.0156 1552 USBSTOR - ok
17:40:56.0171 1552 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:40:56.0328 1552 VgaSave - ok
17:40:56.0328 1552 ViaIde - ok
17:40:56.0390 1552 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
17:40:56.0406 1552 VideoDownloadConverter_4zService - ok
17:40:56.0421 1552 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:40:56.0562 1552 VolSnap - ok
17:40:56.0609 1552 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:40:56.0671 1552 VSS - ok
17:40:56.0718 1552 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:40:56.0843 1552 W32Time - ok
17:40:56.0859 1552 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:40:57.0031 1552 Wanarp - ok
17:40:57.0031 1552 WDICA - ok
17:40:57.0078 1552 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:40:57.0265 1552 wdmaud - ok
17:40:57.0296 1552 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:40:57.0500 1552 WebClient - ok
17:40:57.0578 1552 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:40:57.0718 1552 winmgmt - ok
17:40:57.0781 1552 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:40:57.0875 1552 WmdmPmSN - ok
17:40:57.0921 1552 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:40:58.0000 1552 Wmi - ok
17:40:58.0031 1552 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:40:58.0187 1552 WmiAcpi - ok
17:40:58.0218 1552 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:40:58.0359 1552 WmiApSrv - ok
17:40:58.0468 1552 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:40:58.0562 1552 WMPNetworkSvc - ok
17:40:58.0593 1552 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:40:58.0625 1552 WpdUsb - ok
17:40:58.0687 1552 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:40:58.0859 1552 wscsvc - ok
17:40:58.0906 1552 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:40:59.0046 1552 wuauserv - ok
17:40:59.0078 1552 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:40:59.0109 1552 WudfPf - ok
17:40:59.0140 1552 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:40:59.0156 1552 WudfRd - ok
17:40:59.0187 1552 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:40:59.0234 1552 WudfSvc - ok
17:40:59.0265 1552 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:40:59.0484 1552 WZCSVC - ok
17:40:59.0531 1552 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:40:59.0687 1552 xmlprov - ok
17:40:59.0703 1552 ================ Scan global ===============================
17:40:59.0750 1552 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:40:59.0796 1552 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:40:59.0812 1552 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:40:59.0843 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:40:59.0843 1552 [Global] - ok
17:40:59.0843 1552 ================ Scan MBR ==================================
17:40:59.0859 1552 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:41:00.0859 1552 \Device\Harddisk0\DR0 - ok
17:41:00.0859 1552 ================ Scan VBR ==================================
17:41:00.0859 1552 [ A9BE46D5D655B44C1B69DB056854334C ] \Device\Harddisk0\DR0\Partition1
17:41:00.0859 1552 \Device\Harddisk0\DR0\Partition1 - ok
17:41:00.0859 1552 ============================================================
17:41:00.0859 1552 Scan finished
17:41:00.0859 1552 ============================================================
17:41:01.0000 3308 Detected object count: 6
17:41:01.0000 3308 Actual detected object count: 6
17:41:18.0234 3308 ACPI ( Virus.Win32.Rloader.a ) - skipped by user
17:41:18.0234 3308 ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
17:41:18.0234 3308 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0234 3308 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0234 3308 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0234 3308 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 prodrv04 ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 prodrv04 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 RTLTEAMING ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 RTLTEAMING ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:39:14.0453 2960 ============================================================
17:39:14.0453 2960 Current date / time: 2013/01/03 17:39:14.0453
17:39:14.0453 2960 SystemInfo:
17:39:14.0453 2960
17:39:14.0453 2960 OS Version: 5.1.2600 ServicePack: 3.0
17:39:14.0453 2960 Product type: Workstation
17:39:14.0453 2960 ComputerName: AMDX2
17:39:14.0453 2960 UserName: uživatel
17:39:14.0453 2960 Windows directory: C:\WINDOWS
17:39:14.0453 2960 System windows directory: C:\WINDOWS
17:39:14.0453 2960 Processor architecture: Intel x86
17:39:14.0453 2960 Number of processors: 2
17:39:14.0453 2960 Page size: 0x1000
17:39:14.0453 2960 Boot type: Normal boot
17:39:14.0453 2960 ============================================================
17:39:16.0156 2960 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:39:16.0156 2960 ============================================================
17:39:16.0156 2960 \Device\Harddisk0\DR0:
17:39:16.0156 2960 MBR partitions:
17:39:16.0156 2960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
17:39:16.0156 2960 ============================================================
17:39:16.0187 2960 C: <-> \Device\Harddisk0\DR0\Partition1
17:39:16.0187 2960 ============================================================
17:39:16.0187 2960 Initialize success
17:39:16.0187 2960 ============================================================
17:40:17.0531 1552 ============================================================
17:40:17.0531 1552 Scan started
17:40:17.0531 1552 Mode: Manual; SigCheck; TDLFS;
17:40:17.0531 1552 ============================================================
17:40:17.0781 1552 ================ Scan system memory ========================
17:40:17.0781 1552 System memory - ok
17:40:17.0781 1552 ================ Scan services =============================
17:40:17.0890 1552 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
17:40:18.0312 1552 Aavmker4 - ok
17:40:18.0312 1552 Abiosdsk - ok
17:40:18.0328 1552 abp480n5 - ok
17:40:18.0375 1552 [ C6E149975376BEDF572F81EDAE8FF0E4 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:40:18.0390 1552 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: C6E149975376BEDF572F81EDAE8FF0E4, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
17:40:18.0390 1552 ACPI ( Virus.Win32.Rloader.a ) - infected
17:40:18.0390 1552 ACPI - detected Virus.Win32.Rloader.a (0)
17:40:18.0421 1552 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:40:19.0312 1552 ACPIEC - ok
17:40:19.0328 1552 adpu160m - ok
17:40:19.0359 1552 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:40:19.0500 1552 aec - ok
17:40:19.0531 1552 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:40:19.0609 1552 AFD - ok
17:40:19.0609 1552 Aha154x - ok
17:40:19.0625 1552 aic78u2 - ok
17:40:19.0640 1552 aic78xx - ok
17:40:19.0656 1552 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:40:19.0796 1552 Alerter - ok
17:40:19.0828 1552 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:40:19.0890 1552 ALG - ok
17:40:19.0906 1552 AliIde - ok
17:40:19.0984 1552 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
17:40:20.0140 1552 Ambfilt - ok
17:40:20.0203 1552 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
17:40:20.0218 1552 amdide - ok
17:40:20.0234 1552 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
17:40:20.0281 1552 AmdPPM - ok
17:40:20.0296 1552 amsint - ok
17:40:20.0312 1552 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:40:20.0406 1552 AppMgmt - ok
17:40:20.0406 1552 asc - ok
17:40:20.0421 1552 asc3350p - ok
17:40:20.0421 1552 asc3550 - ok
17:40:20.0531 1552 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:40:20.0578 1552 aspnet_state - ok
17:40:20.0609 1552 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:40:20.0625 1552 aswFsBlk - ok
17:40:20.0671 1552 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
17:40:20.0687 1552 aswKbd - ok
17:40:20.0718 1552 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
17:40:20.0750 1552 aswMon2 - ok
17:40:20.0796 1552 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
17:40:20.0812 1552 AswRdr - ok
17:40:20.0843 1552 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
17:40:20.0906 1552 aswSnx - ok
17:40:20.0953 1552 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
17:40:21.0000 1552 aswSP - ok
17:40:21.0015 1552 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
17:40:21.0031 1552 aswTdi - ok
17:40:21.0062 1552 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:40:21.0203 1552 AsyncMac - ok
17:40:21.0250 1552 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:40:21.0390 1552 atapi - ok
17:40:21.0390 1552 Atdisk - ok
17:40:21.0453 1552 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:40:21.0578 1552 Ati HotKey Poller - ok
17:40:21.0625 1552 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
17:40:21.0718 1552 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:40:21.0718 1552 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:40:21.0859 1552 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:40:22.0140 1552 ati2mtag - ok
17:40:22.0171 1552 [ D9BC8892B9440A2551B8148C57AA039E ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
17:40:22.0203 1552 AtiHdmiService - ok
17:40:22.0234 1552 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:40:22.0390 1552 Atmarpc - ok
17:40:22.0406 1552 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:40:22.0562 1552 AudioSrv - ok
17:40:22.0609 1552 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:40:22.0750 1552 audstub - ok
17:40:22.0890 1552 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:40:22.0906 1552 avast! Antivirus - ok
17:40:22.0937 1552 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:40:23.0093 1552 Beep - ok
17:40:23.0156 1552 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:40:23.0437 1552 BITS - ok
17:40:23.0437 1552 Bonjour Service - ok
17:40:23.0468 1552 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:40:23.0531 1552 Browser - ok
17:40:23.0578 1552 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
17:40:23.0593 1552 Capture Device Service - ok
17:40:23.0625 1552 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:40:23.0781 1552 cbidf2k - ok
17:40:23.0796 1552 cd20xrnt - ok
17:40:23.0843 1552 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:40:23.0984 1552 Cdaudio - ok
17:40:24.0046 1552 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:40:24.0218 1552 Cdfs - ok
17:40:24.0265 1552 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:40:24.0421 1552 Cdrom - ok
17:40:24.0421 1552 Changer - ok
17:40:24.0453 1552 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:40:24.0593 1552 CiSvc - ok
17:40:24.0609 1552 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:40:24.0765 1552 ClipSrv - ok
17:40:24.0812 1552 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:40:24.0953 1552 clr_optimization_v2.0.50727_32 - ok
17:40:24.0953 1552 CmdIde - ok
17:40:24.0984 1552 COMSysApp - ok
17:40:25.0000 1552 Cpqarray - ok
17:40:25.0062 1552 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:40:25.0203 1552 CryptSvc - ok
17:40:25.0203 1552 dac2w2k - ok
17:40:25.0218 1552 dac960nt - ok
17:40:25.0265 1552 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:40:25.0390 1552 DcomLaunch - ok
17:40:25.0421 1552 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:40:25.0562 1552 Dhcp - ok
17:40:25.0578 1552 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:40:25.0734 1552 Disk - ok
17:40:25.0750 1552 dmadmin - ok
17:40:25.0796 1552 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:40:26.0015 1552 dmboot - ok
17:40:26.0046 1552 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:40:26.0218 1552 dmio - ok
17:40:26.0265 1552 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:40:26.0406 1552 dmload - ok
17:40:26.0421 1552 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:40:26.0562 1552 dmserver - ok
17:40:26.0593 1552 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:40:26.0750 1552 DMusic - ok
17:40:26.0765 1552 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:40:26.0859 1552 Dnscache - ok
17:40:26.0890 1552 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:40:27.0062 1552 Dot3svc - ok
17:40:27.0062 1552 dpti2o - ok
17:40:27.0093 1552 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:40:27.0234 1552 drmkaud - ok
17:40:27.0265 1552 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:40:27.0437 1552 EapHost - ok
17:40:27.0453 1552 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:40:27.0593 1552 ERSvc - ok
17:40:27.0625 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:40:27.0656 1552 Eventlog - ok
17:40:27.0687 1552 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:40:27.0734 1552 EventSystem - ok
17:40:27.0765 1552 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:40:27.0906 1552 Fastfat - ok
17:40:27.0937 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:40:28.0046 1552 FastUserSwitchingCompatibility - ok
17:40:28.0125 1552 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:40:28.0281 1552 Fdc - ok
17:40:28.0312 1552 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:40:28.0468 1552 Fips - ok
17:40:28.0515 1552 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:40:28.0593 1552 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:40:28.0593 1552 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:40:28.0609 1552 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:40:28.0781 1552 Flpydisk - ok
17:40:28.0828 1552 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:40:28.0968 1552 FltMgr - ok
17:40:29.0078 1552 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:40:29.0093 1552 FontCache3.0.0.0 - ok
17:40:29.0093 1552 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:40:29.0250 1552 Fs_Rec - ok
17:40:29.0281 1552 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:40:29.0421 1552 Ftdisk - ok
17:40:29.0453 1552 [ C6E3105B8C68C35CC1EB26A00FD1A8C6 ] gdrv C:\WINDOWS\gdrv.sys
17:40:30.0437 1552 gdrv - ok
17:40:30.0500 1552 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:40:30.0656 1552 Gpc - ok
17:40:30.0734 1552 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:30.0750 1552 gupdate - ok
17:40:30.0765 1552 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:40:30.0781 1552 gupdatem - ok
17:40:30.0828 1552 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:40:30.0984 1552 HDAudBus - ok
17:40:31.0046 1552 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:40:31.0218 1552 helpsvc - ok
17:40:31.0234 1552 HidServ - ok
17:40:31.0265 1552 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:40:31.0421 1552 HidUsb - ok
17:40:31.0468 1552 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:40:31.0625 1552 hkmsvc - ok
17:40:31.0640 1552 hpn - ok
17:40:31.0687 1552 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:40:31.0796 1552 HPZid412 - ok
17:40:31.0796 1552 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:40:31.0875 1552 HPZipr12 - ok
17:40:31.0921 1552 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:40:31.0984 1552 HPZius12 - ok
17:40:32.0062 1552 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:40:32.0093 1552 HTTP - ok
17:40:32.0156 1552 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:40:32.0328 1552 HTTPFilter - ok
17:40:32.0328 1552 i2omgmt - ok
17:40:32.0343 1552 i2omp - ok
17:40:32.0375 1552 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:40:32.0531 1552 i8042prt - ok
17:40:32.0640 1552 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:40:32.0703 1552 idsvc - ok
17:40:32.0718 1552 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:40:32.0890 1552 Imapi - ok
17:40:32.0921 1552 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:40:33.0078 1552 ImapiService - ok
17:40:33.0078 1552 ini910u - ok
17:40:33.0312 1552 [ 0CACDCBBC8E6F11E2865C47BFC509848 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:40:33.0687 1552 IntcAzAudAddService - ok
17:40:33.0703 1552 IntelIde - ok
17:40:33.0734 1552 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:40:33.0890 1552 Ip6Fw - ok
17:40:33.0906 1552 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:40:34.0078 1552 IpFilterDriver - ok
17:40:34.0109 1552 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:40:34.0250 1552 IpInIp - ok
17:40:34.0296 1552 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:40:34.0421 1552 IpNat - ok
17:40:34.0484 1552 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:40:34.0625 1552 IPSec - ok
17:40:34.0671 1552 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:40:34.0734 1552 IRENUM - ok
17:40:34.0765 1552 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:40:34.0906 1552 isapnp - ok
17:40:34.0937 1552 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:40:35.0093 1552 Kbdclass - ok
17:40:35.0125 1552 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:40:35.0265 1552 kbdhid - ok
17:40:35.0281 1552 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:40:35.0437 1552 kmixer - ok
17:40:35.0468 1552 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:40:35.0562 1552 KSecDD - ok
17:40:35.0609 1552 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:40:35.0656 1552 LanmanServer - ok
17:40:35.0687 1552 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:40:35.0750 1552 lanmanworkstation - ok
17:40:35.0765 1552 lbrtfdc - ok
17:40:35.0812 1552 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:40:35.0968 1552 LmHosts - ok
17:40:36.0296 1552 [ DABB24407D4EB8F1DF9F818683624176 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:40:36.0375 1552 LMIGuardianSvc - ok
17:40:36.0437 1552 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
17:40:36.0453 1552 LMIInfo - ok
17:40:36.0500 1552 [ 24597000FB888EE0558F24EC391732C4 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
17:40:36.0515 1552 LMIMaint - ok
17:40:36.0562 1552 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:40:36.0578 1552 lmimirr - ok
17:40:36.0578 1552 LMIRfsClientNP - ok
17:40:36.0625 1552 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:40:36.0640 1552 LMIRfsDriver - ok
17:40:36.0718 1552 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
17:40:36.0750 1552 LogMeIn - ok
17:40:36.0796 1552 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:40:36.0843 1552 MDM - ok
17:40:36.0859 1552 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:40:37.0031 1552 Messenger - ok
17:40:37.0093 1552 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:40:37.0234 1552 mnmdd - ok
17:40:37.0281 1552 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:40:37.0437 1552 mnmsrvc - ok
17:40:37.0453 1552 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:40:37.0609 1552 Modem - ok
17:40:37.0687 1552 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
17:40:37.0796 1552 Monfilt - ok
17:40:37.0859 1552 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:40:38.0046 1552 Mouclass - ok
17:40:38.0062 1552 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:40:38.0218 1552 mouhid - ok
17:40:38.0234 1552 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:40:38.0375 1552 MountMgr - ok
17:40:38.0390 1552 mraid35x - ok
17:40:38.0421 1552 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:40:38.0546 1552 MRxDAV - ok
17:40:38.0593 1552 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:40:38.0687 1552 MRxSmb - ok
17:40:38.0718 1552 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:40:38.0859 1552 MSDTC - ok
17:40:38.0875 1552 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:40:39.0031 1552 Msfs - ok
17:40:39.0031 1552 MSIServer - ok
17:40:39.0078 1552 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:40:39.0250 1552 MSKSSRV - ok
17:40:39.0281 1552 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:40:39.0421 1552 MSPCLOCK - ok
17:40:39.0453 1552 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:40:39.0593 1552 MSPQM - ok
17:40:39.0640 1552 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:40:39.0765 1552 mssmbios - ok
17:40:39.0781 1552 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:40:39.0843 1552 Mup - ok
17:40:39.0875 1552 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:40:40.0062 1552 napagent - ok
17:40:40.0093 1552 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:40:40.0234 1552 NDIS - ok
17:40:40.0265 1552 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:40:40.0312 1552 NdisTapi - ok
17:40:40.0343 1552 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:40:40.0500 1552 Ndisuio - ok
17:40:40.0531 1552 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:40:40.0656 1552 NdisWan - ok
17:40:40.0687 1552 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:40:40.0734 1552 NDProxy - ok
17:40:40.0781 1552 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:40:40.0953 1552 NetBIOS - ok
17:40:40.0984 1552 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:40:41.0140 1552 NetBT - ok
17:40:41.0187 1552 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:40:41.0328 1552 NetDDE - ok
17:40:41.0343 1552 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:40:41.0484 1552 NetDDEdsdm - ok
17:40:41.0515 1552 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:40:41.0671 1552 Netlogon - ok
17:40:41.0687 1552 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:40:41.0859 1552 Netman - ok
17:40:41.0890 1552 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:40:41.0906 1552 NetTcpPortSharing - ok
17:40:41.0953 1552 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:40:41.0984 1552 Nla - ok
17:40:41.0984 1552 NMSAccessU - ok
17:40:42.0031 1552 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:40:42.0171 1552 Npfs - ok
17:40:42.0203 1552 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:40:42.0421 1552 Ntfs - ok
17:40:42.0437 1552 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:40:42.0578 1552 NtLmSsp - ok
17:40:42.0625 1552 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:40:42.0796 1552 NtmsSvc - ok
17:40:42.0828 1552 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:40:42.0984 1552 Null - ok
17:40:43.0015 1552 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:40:43.0171 1552 NwlnkFlt - ok
17:40:43.0187 1552 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:40:43.0328 1552 NwlnkFwd - ok
17:40:43.0375 1552 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:40:43.0515 1552 Parport - ok
17:40:43.0531 1552 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:40:43.0671 1552 PartMgr - ok
17:40:43.0718 1552 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:40:43.0843 1552 ParVdm - ok
17:40:43.0890 1552 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:40:44.0062 1552 PCI - ok
17:40:44.0062 1552 PCIDump - ok
17:40:44.0093 1552 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:40:44.0234 1552 PCIIde - ok
17:40:44.0265 1552 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:40:44.0437 1552 Pcmcia - ok
17:40:44.0453 1552 PDCOMP - ok
17:40:44.0453 1552 PDFRAME - ok
17:40:44.0468 1552 PDRELI - ok
17:40:44.0484 1552 PDRFRAME - ok
17:40:44.0484 1552 perc2 - ok
17:40:44.0500 1552 perc2hib - ok
17:40:44.0531 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:40:44.0562 1552 PlugPlay - ok
17:40:44.0578 1552 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:40:44.0640 1552 Pml Driver HPZ12 - ok
17:40:44.0656 1552 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:40:44.0765 1552 PolicyAgent - ok
17:40:44.0781 1552 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:40:44.0953 1552 PptpMiniport - ok
17:40:45.0000 1552 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:40:45.0140 1552 Processor - ok
17:40:45.0187 1552 [ 4AA86B6F5FDF5ED32ADC723B0E5B052D ] prodrv04 C:\WINDOWS\System32\drivers\prodrv04.sys
17:40:45.0203 1552 prodrv04 ( UnsignedFile.Multi.Generic ) - warning
17:40:45.0203 1552 prodrv04 - detected UnsignedFile.Multi.Generic (1)
17:40:45.0203 1552 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:40:45.0359 1552 ProtectedStorage - ok
17:40:45.0375 1552 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:40:45.0531 1552 PSched - ok
17:40:45.0546 1552 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:40:45.0703 1552 Ptilink - ok
17:40:45.0765 1552 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:40:45.0781 1552 PxHelp20 - ok
17:40:45.0781 1552 ql1080 - ok
17:40:45.0796 1552 Ql10wnt - ok
17:40:45.0796 1552 ql12160 - ok
17:40:45.0812 1552 ql1240 - ok
17:40:45.0828 1552 ql1280 - ok
17:40:45.0843 1552 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:40:46.0000 1552 RasAcd - ok
17:40:46.0031 1552 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:40:46.0171 1552 RasAuto - ok
17:40:46.0203 1552 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:40:46.0359 1552 Rasl2tp - ok
17:40:46.0390 1552 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:40:46.0531 1552 RasMan - ok
17:40:46.0562 1552 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:40:46.0703 1552 RasPppoe - ok
17:40:46.0718 1552 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:40:46.0859 1552 Raspti - ok
17:40:46.0875 1552 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:40:47.0015 1552 Rdbss - ok
17:40:47.0031 1552 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:40:47.0187 1552 RDPCDD - ok
17:40:47.0250 1552 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:40:47.0390 1552 rdpdr - ok
17:40:47.0421 1552 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:40:47.0484 1552 RDPWD - ok
17:40:47.0515 1552 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:40:47.0671 1552 RDSessMgr - ok
17:40:47.0703 1552 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:40:47.0843 1552 redbook - ok
17:40:47.0859 1552 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:40:48.0031 1552 RemoteAccess - ok
17:40:48.0046 1552 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:40:48.0203 1552 RemoteRegistry - ok
17:40:48.0234 1552 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:40:48.0390 1552 RpcLocator - ok
17:40:48.0421 1552 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:40:48.0437 1552 RpcSs - ok
17:40:48.0484 1552 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:40:48.0640 1552 RSVP - ok
17:40:48.0671 1552 [ 6FC7DDF3B8D94FBA7AC664452D6478D4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:40:48.0796 1552 RTLE8023xp - ok
17:40:48.0843 1552 [ 9F6B9F66223B1265ED66D005D93E539D ] RTLTEAMING C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
17:40:48.0843 1552 RTLTEAMING ( UnsignedFile.Multi.Generic ) - warning
17:40:48.0843 1552 RTLTEAMING - detected UnsignedFile.Multi.Generic (1)
17:40:48.0875 1552 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:40:49.0015 1552 SamSs - ok
17:40:49.0062 1552 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:40:49.0234 1552 SCardSvr - ok
17:40:49.0281 1552 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:40:49.0437 1552 Schedule - ok
17:40:49.0453 1552 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:40:49.0531 1552 Secdrv - ok
17:40:49.0578 1552 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:40:49.0718 1552 seclogon - ok
17:40:49.0750 1552 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:40:49.0906 1552 SENS - ok
17:40:49.0921 1552 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:40:50.0062 1552 serenum - ok
17:40:50.0093 1552 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:40:50.0265 1552 Serial - ok
17:40:50.0296 1552 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:40:50.0421 1552 Sfloppy - ok
17:40:50.0453 1552 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:40:50.0609 1552 SharedAccess - ok
17:40:50.0625 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:40:50.0656 1552 ShellHWDetection - ok
17:40:50.0656 1552 Simbad - ok
17:40:50.0671 1552 Sparrow - ok
17:40:50.0703 1552 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:40:50.0828 1552 splitter - ok
17:40:50.0859 1552 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:40:50.0906 1552 Spooler - ok
17:40:50.0953 1552 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
17:40:50.0953 1552 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
17:40:50.0984 1552 sptd ( LockedFile.Multi.Generic ) - warning
17:40:50.0984 1552 sptd - detected LockedFile.Multi.Generic (1)
17:40:51.0015 1552 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:40:51.0062 1552 sr - ok
17:40:51.0109 1552 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:40:51.0171 1552 srservice - ok
17:40:51.0218 1552 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:40:51.0328 1552 Srv - ok
17:40:51.0359 1552 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:40:51.0437 1552 SSDPSRV - ok
17:40:51.0437 1552 Steam Client Service - ok
17:40:51.0484 1552 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:40:51.0625 1552 StillCam - ok
17:40:51.0687 1552 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:40:51.0890 1552 stisvc - ok
17:40:51.0906 1552 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:40:52.0046 1552 swenum - ok
17:40:52.0078 1552 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:40:52.0234 1552 swmidi - ok
17:40:52.0250 1552 SwPrv - ok
17:40:52.0250 1552 symc810 - ok
17:40:52.0265 1552 symc8xx - ok
17:40:52.0281 1552 sym_hi - ok
17:40:52.0281 1552 sym_u3 - ok
17:40:52.0328 1552 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:40:52.0484 1552 sysaudio - ok
17:40:52.0515 1552 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:40:52.0640 1552 SysmonLog - ok
17:40:52.0687 1552 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:40:52.0859 1552 TapiSrv - ok
17:40:52.0906 1552 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:40:52.0937 1552 Tcpip - ok
17:40:52.0968 1552 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:40:53.0140 1552 TDPIPE - ok
17:40:53.0171 1552 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:40:53.0312 1552 TDTCP - ok
17:40:53.0359 1552 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:40:53.0500 1552 TermDD - ok
17:40:53.0531 1552 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:40:53.0687 1552 TermService - ok
17:40:53.0703 1552 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:40:53.0718 1552 Themes - ok
17:40:53.0750 1552 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:40:53.0812 1552 TlntSvr - ok
17:40:53.0812 1552 TosIde - ok
17:40:53.0843 1552 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:40:53.0984 1552 TrkWks - ok
17:40:54.0046 1552 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:40:54.0218 1552 Udfs - ok
17:40:54.0265 1552 [ 4BD2C322118A2470B450492A0C3302F9 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
17:40:54.0281 1552 UleadBurningHelper - ok
17:40:54.0312 1552 ultra - ok
17:40:54.0375 1552 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:40:54.0562 1552 Update - ok
17:40:54.0593 1552 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:40:54.0671 1552 upnphost - ok
17:40:54.0703 1552 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:40:54.0859 1552 UPS - ok
17:40:54.0921 1552 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:40:55.0062 1552 usbccgp - ok
17:40:55.0093 1552 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:40:55.0265 1552 usbehci - ok
17:40:55.0281 1552 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:40:55.0406 1552 usbhub - ok
17:40:55.0453 1552 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:40:55.0609 1552 usbohci - ok
17:40:55.0640 1552 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:40:55.0781 1552 usbprint - ok
17:40:55.0828 1552 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:40:55.0968 1552 usbscan - ok
17:40:56.0015 1552 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:40:56.0156 1552 USBSTOR - ok
17:40:56.0171 1552 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:40:56.0328 1552 VgaSave - ok
17:40:56.0328 1552 ViaIde - ok
17:40:56.0390 1552 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
17:40:56.0406 1552 VideoDownloadConverter_4zService - ok
17:40:56.0421 1552 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:40:56.0562 1552 VolSnap - ok
17:40:56.0609 1552 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:40:56.0671 1552 VSS - ok
17:40:56.0718 1552 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:40:56.0843 1552 W32Time - ok
17:40:56.0859 1552 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:40:57.0031 1552 Wanarp - ok
17:40:57.0031 1552 WDICA - ok
17:40:57.0078 1552 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:40:57.0265 1552 wdmaud - ok
17:40:57.0296 1552 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:40:57.0500 1552 WebClient - ok
17:40:57.0578 1552 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:40:57.0718 1552 winmgmt - ok
17:40:57.0781 1552 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:40:57.0875 1552 WmdmPmSN - ok
17:40:57.0921 1552 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:40:58.0000 1552 Wmi - ok
17:40:58.0031 1552 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:40:58.0187 1552 WmiAcpi - ok
17:40:58.0218 1552 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:40:58.0359 1552 WmiApSrv - ok
17:40:58.0468 1552 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:40:58.0562 1552 WMPNetworkSvc - ok
17:40:58.0593 1552 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:40:58.0625 1552 WpdUsb - ok
17:40:58.0687 1552 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:40:58.0859 1552 wscsvc - ok
17:40:58.0906 1552 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:40:59.0046 1552 wuauserv - ok
17:40:59.0078 1552 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:40:59.0109 1552 WudfPf - ok
17:40:59.0140 1552 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:40:59.0156 1552 WudfRd - ok
17:40:59.0187 1552 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:40:59.0234 1552 WudfSvc - ok
17:40:59.0265 1552 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:40:59.0484 1552 WZCSVC - ok
17:40:59.0531 1552 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:40:59.0687 1552 xmlprov - ok
17:40:59.0703 1552 ================ Scan global ===============================
17:40:59.0750 1552 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:40:59.0796 1552 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:40:59.0812 1552 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:40:59.0843 1552 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:40:59.0843 1552 [Global] - ok
17:40:59.0843 1552 ================ Scan MBR ==================================
17:40:59.0859 1552 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:41:00.0859 1552 \Device\Harddisk0\DR0 - ok
17:41:00.0859 1552 ================ Scan VBR ==================================
17:41:00.0859 1552 [ A9BE46D5D655B44C1B69DB056854334C ] \Device\Harddisk0\DR0\Partition1
17:41:00.0859 1552 \Device\Harddisk0\DR0\Partition1 - ok
17:41:00.0859 1552 ============================================================
17:41:00.0859 1552 Scan finished
17:41:00.0859 1552 ============================================================
17:41:01.0000 3308 Detected object count: 6
17:41:01.0000 3308 Actual detected object count: 6
17:41:18.0234 3308 ACPI ( Virus.Win32.Rloader.a ) - skipped by user
17:41:18.0234 3308 ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
17:41:18.0234 3308 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0234 3308 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0234 3308 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0234 3308 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 prodrv04 ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 prodrv04 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 RTLTEAMING ( UnsignedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 RTLTEAMING ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:41:18.0250 3308 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:41:18.0250 3308 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Re: Prosím o kontrolu logu
Spustte znovu TDSSKiller, provedte sken ale u polozky ACPI ( Virus.Win32.Rloader.a ) nechte tu akci co tam bude predvolena..Zrejme bude nutny restart a pak se objevi log, ten rad uvidim
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Znovu po restartu a znovuspuštění:
17:49:23.0375 2668 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:49:25.0375 2668 ============================================================
17:49:25.0375 2668 Current date / time: 2013/01/03 17:49:25.0375
17:49:25.0375 2668 SystemInfo:
17:49:25.0375 2668
17:49:25.0375 2668 OS Version: 5.1.2600 ServicePack: 3.0
17:49:25.0375 2668 Product type: Workstation
17:49:25.0375 2668 ComputerName: AMDX2
17:49:25.0375 2668 UserName: uživatel
17:49:25.0375 2668 Windows directory: C:\WINDOWS
17:49:25.0375 2668 System windows directory: C:\WINDOWS
17:49:25.0375 2668 Processor architecture: Intel x86
17:49:25.0375 2668 Number of processors: 2
17:49:25.0375 2668 Page size: 0x1000
17:49:25.0375 2668 Boot type: Normal boot
17:49:25.0375 2668 ============================================================
17:49:48.0906 2668 BG loaded
17:50:00.0984 2668 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:50:01.0312 2668 ============================================================
17:50:01.0312 2668 \Device\Harddisk0\DR0:
17:50:01.0375 2668 MBR partitions:
17:50:01.0375 2668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
17:50:01.0375 2668 ============================================================
17:50:02.0687 2668 C: <-> \Device\Harddisk0\DR0\Partition1
17:50:02.0859 2668 ============================================================
17:50:02.0859 2668 Initialize success
17:50:02.0859 2668 ============================================================
17:51:01.0781 4012 ============================================================
17:51:01.0781 4012 Scan started
17:51:01.0781 4012 Mode: Manual; SigCheck; TDLFS;
17:51:01.0781 4012 ============================================================
17:51:04.0375 4012 ================ Scan system memory ========================
17:51:04.0375 4012 System memory - ok
17:51:04.0375 4012 ================ Scan services =============================
17:51:05.0640 4012 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
17:51:06.0140 4012 Aavmker4 - ok
17:51:06.0156 4012 Abiosdsk - ok
17:51:06.0156 4012 abp480n5 - ok
17:51:06.0484 4012 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:51:12.0484 4012 ACPI - ok
17:51:12.0531 4012 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:51:12.0843 4012 ACPIEC - ok
17:51:12.0859 4012 adpu160m - ok
17:51:12.0921 4012 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:51:13.0093 4012 aec - ok
17:51:13.0140 4012 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:51:13.0234 4012 AFD - ok
17:51:13.0250 4012 Aha154x - ok
17:51:13.0265 4012 aic78u2 - ok
17:51:13.0265 4012 aic78xx - ok
17:51:13.0328 4012 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:51:13.0500 4012 Alerter - ok
17:51:13.0546 4012 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:51:13.0625 4012 ALG - ok
17:51:13.0625 4012 AliIde - ok
17:51:13.0968 4012 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
17:51:15.0062 4012 Ambfilt - ok
17:51:15.0109 4012 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
17:51:15.0140 4012 amdide - ok
17:51:15.0187 4012 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
17:51:15.0250 4012 AmdPPM - ok
17:51:15.0250 4012 amsint - ok
17:51:15.0359 4012 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:51:15.0484 4012 AppMgmt - ok
17:51:15.0484 4012 asc - ok
17:51:15.0500 4012 asc3350p - ok
17:51:15.0500 4012 asc3550 - ok
17:51:15.0828 4012 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:51:16.0046 4012 aspnet_state - ok
17:51:16.0093 4012 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:51:16.0140 4012 aswFsBlk - ok
17:51:16.0187 4012 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
17:51:16.0203 4012 aswKbd - ok
17:51:16.0281 4012 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
17:51:16.0296 4012 aswMon2 - ok
17:51:16.0343 4012 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
17:51:16.0375 4012 AswRdr - ok
17:51:16.0609 4012 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
17:51:17.0109 4012 aswSnx - ok
17:51:17.0203 4012 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
17:51:17.0515 4012 aswSP - ok
17:51:17.0546 4012 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
17:51:17.0593 4012 aswTdi - ok
17:51:17.0625 4012 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:51:17.0765 4012 AsyncMac - ok
17:51:17.0828 4012 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:51:18.0015 4012 atapi - ok
17:51:18.0015 4012 Atdisk - ok
17:51:18.0156 4012 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:51:18.0750 4012 Ati HotKey Poller - ok
17:51:19.0109 4012 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
17:51:19.0328 4012 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:51:19.0328 4012 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:51:25.0250 4012 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:51:28.0875 4012 ati2mtag - ok
17:51:29.0953 4012 [ D9BC8892B9440A2551B8148C57AA039E ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
17:51:30.0046 4012 AtiHdmiService - ok
17:51:31.0500 4012 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:51:31.0734 4012 Atmarpc - ok
17:51:32.0312 4012 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:51:32.0515 4012 AudioSrv - ok
17:51:34.0375 4012 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:51:34.0562 4012 audstub - ok
17:51:41.0125 4012 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:51:41.0140 4012 avast! Antivirus - ok
17:51:41.0859 4012 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:51:42.0062 4012 Beep - ok
17:51:45.0734 4012 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:51:47.0375 4012 BITS - ok
17:51:47.0375 4012 Bonjour Service - ok
17:51:49.0015 4012 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:51:49.0187 4012 Browser - ok
17:51:51.0921 4012 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
17:51:52.0140 4012 Capture Device Service - ok
17:51:52.0343 4012 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:51:52.0546 4012 cbidf2k - ok
17:51:52.0562 4012 cd20xrnt - ok
17:51:52.0671 4012 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:51:52.0890 4012 Cdaudio - ok
17:51:53.0171 4012 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:51:53.0406 4012 Cdfs - ok
17:51:53.0500 4012 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:51:53.0718 4012 Cdrom - ok
17:51:53.0718 4012 Changer - ok
17:51:53.0781 4012 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:51:53.0984 4012 CiSvc - ok
17:51:54.0484 4012 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:51:54.0734 4012 ClipSrv - ok
17:51:55.0203 4012 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:51:55.0796 4012 clr_optimization_v2.0.50727_32 - ok
17:51:55.0796 4012 CmdIde - ok
17:51:55.0812 4012 COMSysApp - ok
17:51:55.0828 4012 Cpqarray - ok
17:51:56.0468 4012 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:51:56.0640 4012 CryptSvc - ok
17:51:56.0640 4012 dac2w2k - ok
17:51:56.0656 4012 dac960nt - ok
17:51:57.0328 4012 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:51:57.0796 4012 DcomLaunch - ok
17:51:58.0171 4012 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:51:58.0406 4012 Dhcp - ok
17:51:58.0421 4012 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:51:58.0625 4012 Disk - ok
17:51:58.0625 4012 dmadmin - ok
17:51:59.0671 4012 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:52:00.0015 4012 dmboot - ok
17:52:00.0109 4012 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:52:00.0359 4012 dmio - ok
17:52:00.0406 4012 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:52:00.0578 4012 dmload - ok
17:52:00.0640 4012 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:52:00.0812 4012 dmserver - ok
17:52:00.0875 4012 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:52:01.0062 4012 DMusic - ok
17:52:01.0406 4012 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:52:01.0593 4012 Dnscache - ok
17:52:01.0890 4012 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:52:02.0140 4012 Dot3svc - ok
17:52:02.0140 4012 dpti2o - ok
17:52:02.0187 4012 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:52:02.0375 4012 drmkaud - ok
17:52:02.0406 4012 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:52:02.0593 4012 EapHost - ok
17:52:02.0875 4012 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:52:03.0062 4012 ERSvc - ok
17:52:03.0421 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:52:03.0468 4012 Eventlog - ok
17:52:03.0625 4012 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:52:03.0843 4012 EventSystem - ok
17:52:03.0921 4012 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:52:04.0093 4012 Fastfat - ok
17:52:04.0171 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:52:04.0250 4012 FastUserSwitchingCompatibility - ok
17:52:04.0312 4012 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:52:04.0546 4012 Fdc - ok
17:52:04.0593 4012 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:52:04.0765 4012 Fips - ok
17:52:04.0812 4012 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:52:04.0921 4012 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:52:04.0921 4012 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:52:04.0953 4012 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:52:05.0125 4012 Flpydisk - ok
17:52:05.0218 4012 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:52:05.0390 4012 FltMgr - ok
17:52:05.0484 4012 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:52:05.0515 4012 FontCache3.0.0.0 - ok
17:52:05.0546 4012 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:52:05.0703 4012 Fs_Rec - ok
17:52:05.0734 4012 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:52:05.0890 4012 Ftdisk - ok
17:52:05.0937 4012 [ C6E3105B8C68C35CC1EB26A00FD1A8C6 ] gdrv C:\WINDOWS\gdrv.sys
17:52:07.0421 4012 gdrv - ok
17:52:07.0468 4012 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:52:07.0656 4012 Gpc - ok
17:52:07.0734 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:07.0750 4012 gupdate - ok
17:52:07.0750 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:07.0765 4012 gupdatem - ok
17:52:07.0828 4012 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:52:07.0984 4012 HDAudBus - ok
17:52:08.0062 4012 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:52:08.0218 4012 helpsvc - ok
17:52:08.0218 4012 HidServ - ok
17:52:08.0250 4012 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:52:08.0406 4012 HidUsb - ok
17:52:08.0437 4012 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:52:08.0593 4012 hkmsvc - ok
17:52:08.0593 4012 hpn - ok
17:52:08.0640 4012 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:52:09.0000 4012 HPZid412 - ok
17:52:09.0062 4012 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:52:09.0125 4012 HPZipr12 - ok
17:52:09.0171 4012 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:52:09.0250 4012 HPZius12 - ok
17:52:09.0296 4012 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:52:09.0328 4012 HTTP - ok
17:52:09.0375 4012 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:52:09.0531 4012 HTTPFilter - ok
17:52:09.0546 4012 i2omgmt - ok
17:52:09.0546 4012 i2omp - ok
17:52:09.0593 4012 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:52:09.0750 4012 i8042prt - ok
17:52:09.0937 4012 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:52:10.0390 4012 idsvc - ok
17:52:10.0437 4012 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:52:10.0609 4012 Imapi - ok
17:52:10.0656 4012 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:52:10.0843 4012 ImapiService - ok
17:52:10.0859 4012 ini910u - ok
17:52:11.0296 4012 [ 0CACDCBBC8E6F11E2865C47BFC509848 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:52:11.0703 4012 IntcAzAudAddService - ok
17:52:11.0718 4012 IntelIde - ok
17:52:11.0750 4012 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:52:11.0921 4012 Ip6Fw - ok
17:52:11.0953 4012 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:52:12.0140 4012 IpFilterDriver - ok
17:52:12.0171 4012 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:52:12.0312 4012 IpInIp - ok
17:52:12.0343 4012 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:52:12.0500 4012 IpNat - ok
17:52:12.0546 4012 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:52:12.0687 4012 IPSec - ok
17:52:12.0734 4012 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:52:12.0796 4012 IRENUM - ok
17:52:12.0828 4012 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:52:12.0968 4012 isapnp - ok
17:52:13.0000 4012 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:52:13.0156 4012 Kbdclass - ok
17:52:13.0187 4012 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:52:13.0343 4012 kbdhid - ok
17:52:13.0390 4012 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:52:13.0531 4012 kmixer - ok
17:52:13.0562 4012 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:52:13.0625 4012 KSecDD - ok
17:52:13.0656 4012 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:52:13.0703 4012 LanmanServer - ok
17:52:13.0750 4012 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:52:13.0828 4012 lanmanworkstation - ok
17:52:13.0828 4012 lbrtfdc - ok
17:52:13.0875 4012 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:52:14.0015 4012 LmHosts - ok
17:52:14.0187 4012 [ DABB24407D4EB8F1DF9F818683624176 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:52:14.0218 4012 LMIGuardianSvc - ok
17:52:14.0265 4012 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
17:52:14.0281 4012 LMIInfo - ok
17:52:14.0312 4012 [ 24597000FB888EE0558F24EC391732C4 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
17:52:14.0359 4012 LMIMaint - ok
17:52:14.0406 4012 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:52:14.0437 4012 lmimirr - ok
17:52:14.0437 4012 LMIRfsClientNP - ok
17:52:14.0484 4012 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:52:14.0500 4012 LMIRfsDriver - ok
17:52:14.0546 4012 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
17:52:14.0609 4012 LogMeIn - ok
17:52:14.0671 4012 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:52:14.0687 4012 MDM - ok
17:52:14.0718 4012 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:52:14.0890 4012 Messenger - ok
17:52:14.0921 4012 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:52:15.0062 4012 mnmdd - ok
17:52:15.0093 4012 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:52:15.0250 4012 mnmsrvc - ok
17:52:15.0281 4012 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:52:15.0437 4012 Modem - ok
17:52:15.0500 4012 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
17:52:15.0593 4012 Monfilt - ok
17:52:15.0671 4012 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:52:15.0828 4012 Mouclass - ok
17:52:15.0843 4012 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:52:15.0984 4012 mouhid - ok
17:52:16.0015 4012 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:52:16.0156 4012 MountMgr - ok
17:52:16.0171 4012 mraid35x - ok
17:52:16.0187 4012 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:52:16.0328 4012 MRxDAV - ok
17:52:16.0359 4012 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:52:16.0468 4012 MRxSmb - ok
17:52:16.0500 4012 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:52:16.0640 4012 MSDTC - ok
17:52:16.0656 4012 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:52:16.0812 4012 Msfs - ok
17:52:16.0812 4012 MSIServer - ok
17:52:16.0859 4012 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:52:17.0000 4012 MSKSSRV - ok
17:52:17.0015 4012 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:52:17.0171 4012 MSPCLOCK - ok
17:52:17.0218 4012 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:52:17.0343 4012 MSPQM - ok
17:52:17.0375 4012 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:52:17.0515 4012 mssmbios - ok
17:52:17.0546 4012 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:52:17.0593 4012 Mup - ok
17:52:17.0625 4012 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:52:17.0781 4012 napagent - ok
17:52:17.0812 4012 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:52:17.0968 4012 NDIS - ok
17:52:18.0000 4012 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:52:18.0031 4012 NdisTapi - ok
17:52:18.0078 4012 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:52:18.0203 4012 Ndisuio - ok
17:52:18.0218 4012 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:52:18.0656 4012 NdisWan - ok
17:52:18.0687 4012 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:52:18.0734 4012 NDProxy - ok
17:52:18.0750 4012 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:52:18.0890 4012 NetBIOS - ok
17:52:18.0921 4012 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:52:19.0078 4012 NetBT - ok
17:52:19.0125 4012 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:52:19.0250 4012 NetDDE - ok
17:52:19.0265 4012 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:52:19.0406 4012 NetDDEdsdm - ok
17:52:19.0421 4012 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:52:19.0562 4012 Netlogon - ok
17:52:19.0593 4012 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:52:19.0734 4012 Netman - ok
17:52:19.0781 4012 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:19.0812 4012 NetTcpPortSharing - ok
17:52:19.0859 4012 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:52:19.0875 4012 Nla - ok
17:52:19.0890 4012 NMSAccessU - ok
17:52:19.0921 4012 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:52:20.0062 4012 Npfs - ok
17:52:20.0093 4012 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:52:20.0312 4012 Ntfs - ok
17:52:20.0328 4012 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:52:20.0468 4012 NtLmSsp - ok
17:52:20.0500 4012 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:52:20.0656 4012 NtmsSvc - ok
17:52:20.0687 4012 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:52:20.0843 4012 Null - ok
17:52:20.0890 4012 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:52:21.0031 4012 NwlnkFlt - ok
17:52:21.0062 4012 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:52:21.0218 4012 NwlnkFwd - ok
17:52:21.0234 4012 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:52:21.0375 4012 Parport - ok
17:52:21.0390 4012 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:52:21.0531 4012 PartMgr - ok
17:52:21.0546 4012 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:52:21.0687 4012 ParVdm - ok
17:52:21.0734 4012 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:52:21.0906 4012 PCI - ok
17:52:21.0906 4012 PCIDump - ok
17:52:21.0953 4012 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:52:22.0078 4012 PCIIde - ok
17:52:22.0109 4012 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:52:22.0281 4012 Pcmcia - ok
17:52:22.0281 4012 PDCOMP - ok
17:52:22.0296 4012 PDFRAME - ok
17:52:22.0312 4012 PDRELI - ok
17:52:22.0312 4012 PDRFRAME - ok
17:52:22.0328 4012 perc2 - ok
17:52:22.0343 4012 perc2hib - ok
17:52:22.0375 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:52:22.0406 4012 PlugPlay - ok
17:52:22.0421 4012 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:52:22.0500 4012 Pml Driver HPZ12 - ok
17:52:22.0515 4012 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:52:22.0656 4012 PolicyAgent - ok
17:52:22.0671 4012 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:52:22.0843 4012 PptpMiniport - ok
17:52:22.0875 4012 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:52:23.0031 4012 Processor - ok
17:52:23.0062 4012 [ 4AA86B6F5FDF5ED32ADC723B0E5B052D ] prodrv04 C:\WINDOWS\System32\drivers\prodrv04.sys
17:52:23.0062 4012 prodrv04 ( UnsignedFile.Multi.Generic ) - warning
17:52:23.0062 4012 prodrv04 - detected UnsignedFile.Multi.Generic (1)
17:52:23.0078 4012 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:52:23.0234 4012 ProtectedStorage - ok
17:52:23.0250 4012 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:52:23.0390 4012 PSched - ok
17:52:23.0406 4012 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:52:23.0562 4012 Ptilink - ok
17:52:23.0609 4012 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:52:23.0625 4012 PxHelp20 - ok
17:52:23.0625 4012 ql1080 - ok
17:52:23.0640 4012 Ql10wnt - ok
17:52:23.0640 4012 ql12160 - ok
17:52:23.0656 4012 ql1240 - ok
17:52:23.0671 4012 ql1280 - ok
17:52:23.0687 4012 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:52:23.0828 4012 RasAcd - ok
17:52:23.0875 4012 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:52:24.0000 4012 RasAuto - ok
17:52:24.0031 4012 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:52:24.0171 4012 Rasl2tp - ok
17:52:24.0187 4012 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:52:24.0328 4012 RasMan - ok
17:52:24.0343 4012 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:52:24.0484 4012 RasPppoe - ok
17:52:24.0500 4012 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:52:24.0640 4012 Raspti - ok
17:52:24.0656 4012 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:52:24.0796 4012 Rdbss - ok
17:52:24.0796 4012 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:52:24.0937 4012 RDPCDD - ok
17:52:25.0000 4012 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:52:25.0140 4012 rdpdr - ok
17:52:25.0203 4012 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:52:25.0250 4012 RDPWD - ok
17:52:25.0281 4012 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:52:25.0421 4012 RDSessMgr - ok
17:52:25.0437 4012 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:52:25.0593 4012 redbook - ok
17:52:25.0625 4012 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:52:25.0750 4012 RemoteAccess - ok
17:52:25.0781 4012 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:52:25.0921 4012 RemoteRegistry - ok
17:52:25.0937 4012 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:52:26.0109 4012 RpcLocator - ok
17:52:26.0140 4012 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:52:26.0203 4012 RpcSs - ok
17:52:26.0234 4012 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:52:26.0406 4012 RSVP - ok
17:52:26.0437 4012 [ 6FC7DDF3B8D94FBA7AC664452D6478D4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:52:26.0500 4012 RTLE8023xp - ok
17:52:26.0562 4012 [ 9F6B9F66223B1265ED66D005D93E539D ] RTLTEAMING C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
17:52:26.0562 4012 RTLTEAMING ( UnsignedFile.Multi.Generic ) - warning
17:52:26.0562 4012 RTLTEAMING - detected UnsignedFile.Multi.Generic (1)
17:52:26.0593 4012 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:52:26.0734 4012 SamSs - ok
17:52:26.0765 4012 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:52:26.0921 4012 SCardSvr - ok
17:52:26.0968 4012 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:52:27.0109 4012 Schedule - ok
17:52:27.0125 4012 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:52:27.0187 4012 Secdrv - ok
17:52:27.0218 4012 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:52:27.0359 4012 seclogon - ok
17:52:27.0375 4012 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:52:27.0531 4012 SENS - ok
17:52:27.0546 4012 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:52:27.0671 4012 serenum - ok
17:52:27.0687 4012 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:52:27.0828 4012 Serial - ok
17:52:27.0859 4012 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:52:28.0000 4012 Sfloppy - ok
17:52:28.0046 4012 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:52:28.0171 4012 SharedAccess - ok
17:52:28.0203 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:52:28.0234 4012 ShellHWDetection - ok
17:52:28.0234 4012 Simbad - ok
17:52:28.0250 4012 Sparrow - ok
17:52:28.0281 4012 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:52:28.0421 4012 splitter - ok
17:52:28.0453 4012 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:52:28.0500 4012 Spooler - ok
17:52:28.0546 4012 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
17:52:28.0562 4012 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
17:52:28.0578 4012 sptd ( LockedFile.Multi.Generic ) - warning
17:52:28.0578 4012 sptd - detected LockedFile.Multi.Generic (1)
17:52:28.0625 4012 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:52:28.0671 4012 sr - ok
17:52:28.0703 4012 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:52:28.0765 4012 srservice - ok
17:52:28.0812 4012 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:52:28.0875 4012 Srv - ok
17:52:28.0921 4012 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:52:29.0015 4012 SSDPSRV - ok
17:52:29.0046 4012 Steam Client Service - ok
17:52:29.0078 4012 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:52:29.0203 4012 StillCam - ok
17:52:29.0265 4012 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:52:29.0453 4012 stisvc - ok
17:52:29.0468 4012 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:52:29.0593 4012 swenum - ok
17:52:29.0625 4012 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:52:29.0781 4012 swmidi - ok
17:52:29.0781 4012 SwPrv - ok
17:52:29.0796 4012 symc810 - ok
17:52:29.0796 4012 symc8xx - ok
17:52:29.0812 4012 sym_hi - ok
17:52:29.0828 4012 sym_u3 - ok
17:52:29.0843 4012 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:52:29.0968 4012 sysaudio - ok
17:52:30.0000 4012 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:52:30.0140 4012 SysmonLog - ok
17:52:30.0171 4012 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:52:30.0312 4012 TapiSrv - ok
17:52:30.0359 4012 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:52:30.0437 4012 Tcpip - ok
17:52:30.0468 4012 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:52:30.0609 4012 TDPIPE - ok
17:52:30.0609 4012 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:52:30.0750 4012 TDTCP - ok
17:52:30.0781 4012 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:52:30.0937 4012 TermDD - ok
17:52:30.0968 4012 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:52:31.0109 4012 TermService - ok
17:52:31.0125 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:52:31.0156 4012 Themes - ok
17:52:31.0187 4012 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:52:31.0250 4012 TlntSvr - ok
17:52:31.0250 4012 TosIde - ok
17:52:31.0281 4012 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:52:31.0421 4012 TrkWks - ok
17:52:31.0453 4012 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:52:31.0625 4012 Udfs - ok
17:52:31.0687 4012 [ 4BD2C322118A2470B450492A0C3302F9 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
17:52:31.0703 4012 UleadBurningHelper - ok
17:52:31.0703 4012 ultra - ok
17:52:31.0765 4012 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:52:31.0937 4012 Update - ok
17:52:31.0968 4012 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:52:32.0031 4012 upnphost - ok
17:52:32.0046 4012 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:52:32.0203 4012 UPS - ok
17:52:32.0250 4012 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:52:32.0406 4012 usbccgp - ok
17:52:32.0421 4012 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:52:32.0562 4012 usbehci - ok
17:52:32.0578 4012 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:52:32.0734 4012 usbhub - ok
17:52:32.0781 4012 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:52:32.0921 4012 usbohci - ok
17:52:32.0937 4012 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:52:33.0062 4012 usbprint - ok
17:52:33.0125 4012 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:52:33.0265 4012 usbscan - ok
17:52:33.0312 4012 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:52:33.0437 4012 USBSTOR - ok
17:52:33.0468 4012 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:52:33.0625 4012 VgaSave - ok
17:52:33.0640 4012 ViaIde - ok
17:52:33.0687 4012 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
17:52:33.0703 4012 VideoDownloadConverter_4zService - ok
17:52:33.0718 4012 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:52:33.0859 4012 VolSnap - ok
17:52:33.0890 4012 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:52:34.0015 4012 VSS - ok
17:52:34.0078 4012 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:52:34.0250 4012 W32Time - ok
17:52:34.0281 4012 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:52:34.0890 4012 Wanarp - ok
17:52:34.0906 4012 WDICA - ok
17:52:34.0937 4012 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:52:35.0078 4012 wdmaud - ok
17:52:35.0093 4012 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:52:35.0312 4012 WebClient - ok
17:52:35.0453 4012 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:52:35.0578 4012 winmgmt - ok
17:52:35.0687 4012 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:52:35.0734 4012 WmdmPmSN - ok
17:52:35.0937 4012 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:52:36.0281 4012 Wmi - ok
17:52:36.0328 4012 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:52:36.0562 4012 WmiAcpi - ok
17:52:36.0625 4012 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:52:36.0812 4012 WmiApSrv - ok
17:52:37.0109 4012 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:52:37.0625 4012 WMPNetworkSvc - ok
17:52:37.0671 4012 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:52:37.0734 4012 WpdUsb - ok
17:52:37.0796 4012 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:52:38.0015 4012 wscsvc - ok
17:52:38.0062 4012 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:52:38.0203 4012 wuauserv - ok
17:52:38.0234 4012 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:52:38.0250 4012 WudfPf - ok
17:52:38.0281 4012 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:52:38.0359 4012 WudfRd - ok
17:52:38.0390 4012 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:52:38.0546 4012 WudfSvc - ok
17:52:38.0640 4012 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:52:38.0843 4012 WZCSVC - ok
17:52:38.0906 4012 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:52:39.0421 4012 xmlprov - ok
17:52:39.0421 4012 ================ Scan global ===============================
17:52:39.0578 4012 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:52:40.0312 4012 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:52:40.0578 4012 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:52:40.0593 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:52:40.0593 4012 [Global] - ok
17:52:40.0593 4012 ================ Scan MBR ==================================
17:52:40.0656 4012 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:52:44.0062 4012 \Device\Harddisk0\DR0 - ok
17:52:44.0062 4012 ================ Scan VBR ==================================
17:52:44.0078 4012 [ A9BE46D5D655B44C1B69DB056854334C ] \Device\Harddisk0\DR0\Partition1
17:52:44.0078 4012 \Device\Harddisk0\DR0\Partition1 - ok
17:52:44.0078 4012 ============================================================
17:52:44.0078 4012 Scan finished
17:52:44.0078 4012 ============================================================
17:52:44.0203 4004 Detected object count: 5
17:52:44.0203 4004 Actual detected object count: 5
17:53:05.0234 4004 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0234 4004 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0234 4004 prodrv04 ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 prodrv04 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0250 4004 RTLTEAMING ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0250 4004 RTLTEAMING ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0250 4004 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:53:05.0250 4004 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:49:23.0375 2668 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:49:25.0375 2668 ============================================================
17:49:25.0375 2668 Current date / time: 2013/01/03 17:49:25.0375
17:49:25.0375 2668 SystemInfo:
17:49:25.0375 2668
17:49:25.0375 2668 OS Version: 5.1.2600 ServicePack: 3.0
17:49:25.0375 2668 Product type: Workstation
17:49:25.0375 2668 ComputerName: AMDX2
17:49:25.0375 2668 UserName: uživatel
17:49:25.0375 2668 Windows directory: C:\WINDOWS
17:49:25.0375 2668 System windows directory: C:\WINDOWS
17:49:25.0375 2668 Processor architecture: Intel x86
17:49:25.0375 2668 Number of processors: 2
17:49:25.0375 2668 Page size: 0x1000
17:49:25.0375 2668 Boot type: Normal boot
17:49:25.0375 2668 ============================================================
17:49:48.0906 2668 BG loaded
17:50:00.0984 2668 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:50:01.0312 2668 ============================================================
17:50:01.0312 2668 \Device\Harddisk0\DR0:
17:50:01.0375 2668 MBR partitions:
17:50:01.0375 2668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
17:50:01.0375 2668 ============================================================
17:50:02.0687 2668 C: <-> \Device\Harddisk0\DR0\Partition1
17:50:02.0859 2668 ============================================================
17:50:02.0859 2668 Initialize success
17:50:02.0859 2668 ============================================================
17:51:01.0781 4012 ============================================================
17:51:01.0781 4012 Scan started
17:51:01.0781 4012 Mode: Manual; SigCheck; TDLFS;
17:51:01.0781 4012 ============================================================
17:51:04.0375 4012 ================ Scan system memory ========================
17:51:04.0375 4012 System memory - ok
17:51:04.0375 4012 ================ Scan services =============================
17:51:05.0640 4012 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
17:51:06.0140 4012 Aavmker4 - ok
17:51:06.0156 4012 Abiosdsk - ok
17:51:06.0156 4012 abp480n5 - ok
17:51:06.0484 4012 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:51:12.0484 4012 ACPI - ok
17:51:12.0531 4012 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:51:12.0843 4012 ACPIEC - ok
17:51:12.0859 4012 adpu160m - ok
17:51:12.0921 4012 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:51:13.0093 4012 aec - ok
17:51:13.0140 4012 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:51:13.0234 4012 AFD - ok
17:51:13.0250 4012 Aha154x - ok
17:51:13.0265 4012 aic78u2 - ok
17:51:13.0265 4012 aic78xx - ok
17:51:13.0328 4012 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:51:13.0500 4012 Alerter - ok
17:51:13.0546 4012 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:51:13.0625 4012 ALG - ok
17:51:13.0625 4012 AliIde - ok
17:51:13.0968 4012 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
17:51:15.0062 4012 Ambfilt - ok
17:51:15.0109 4012 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
17:51:15.0140 4012 amdide - ok
17:51:15.0187 4012 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
17:51:15.0250 4012 AmdPPM - ok
17:51:15.0250 4012 amsint - ok
17:51:15.0359 4012 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:51:15.0484 4012 AppMgmt - ok
17:51:15.0484 4012 asc - ok
17:51:15.0500 4012 asc3350p - ok
17:51:15.0500 4012 asc3550 - ok
17:51:15.0828 4012 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:51:16.0046 4012 aspnet_state - ok
17:51:16.0093 4012 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:51:16.0140 4012 aswFsBlk - ok
17:51:16.0187 4012 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
17:51:16.0203 4012 aswKbd - ok
17:51:16.0281 4012 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
17:51:16.0296 4012 aswMon2 - ok
17:51:16.0343 4012 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
17:51:16.0375 4012 AswRdr - ok
17:51:16.0609 4012 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
17:51:17.0109 4012 aswSnx - ok
17:51:17.0203 4012 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
17:51:17.0515 4012 aswSP - ok
17:51:17.0546 4012 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
17:51:17.0593 4012 aswTdi - ok
17:51:17.0625 4012 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:51:17.0765 4012 AsyncMac - ok
17:51:17.0828 4012 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:51:18.0015 4012 atapi - ok
17:51:18.0015 4012 Atdisk - ok
17:51:18.0156 4012 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:51:18.0750 4012 Ati HotKey Poller - ok
17:51:19.0109 4012 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
17:51:19.0328 4012 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:51:19.0328 4012 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:51:25.0250 4012 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:51:28.0875 4012 ati2mtag - ok
17:51:29.0953 4012 [ D9BC8892B9440A2551B8148C57AA039E ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
17:51:30.0046 4012 AtiHdmiService - ok
17:51:31.0500 4012 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:51:31.0734 4012 Atmarpc - ok
17:51:32.0312 4012 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:51:32.0515 4012 AudioSrv - ok
17:51:34.0375 4012 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:51:34.0562 4012 audstub - ok
17:51:41.0125 4012 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:51:41.0140 4012 avast! Antivirus - ok
17:51:41.0859 4012 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:51:42.0062 4012 Beep - ok
17:51:45.0734 4012 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:51:47.0375 4012 BITS - ok
17:51:47.0375 4012 Bonjour Service - ok
17:51:49.0015 4012 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:51:49.0187 4012 Browser - ok
17:51:51.0921 4012 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
17:51:52.0140 4012 Capture Device Service - ok
17:51:52.0343 4012 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:51:52.0546 4012 cbidf2k - ok
17:51:52.0562 4012 cd20xrnt - ok
17:51:52.0671 4012 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:51:52.0890 4012 Cdaudio - ok
17:51:53.0171 4012 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:51:53.0406 4012 Cdfs - ok
17:51:53.0500 4012 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:51:53.0718 4012 Cdrom - ok
17:51:53.0718 4012 Changer - ok
17:51:53.0781 4012 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:51:53.0984 4012 CiSvc - ok
17:51:54.0484 4012 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:51:54.0734 4012 ClipSrv - ok
17:51:55.0203 4012 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:51:55.0796 4012 clr_optimization_v2.0.50727_32 - ok
17:51:55.0796 4012 CmdIde - ok
17:51:55.0812 4012 COMSysApp - ok
17:51:55.0828 4012 Cpqarray - ok
17:51:56.0468 4012 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:51:56.0640 4012 CryptSvc - ok
17:51:56.0640 4012 dac2w2k - ok
17:51:56.0656 4012 dac960nt - ok
17:51:57.0328 4012 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:51:57.0796 4012 DcomLaunch - ok
17:51:58.0171 4012 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:51:58.0406 4012 Dhcp - ok
17:51:58.0421 4012 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:51:58.0625 4012 Disk - ok
17:51:58.0625 4012 dmadmin - ok
17:51:59.0671 4012 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:52:00.0015 4012 dmboot - ok
17:52:00.0109 4012 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:52:00.0359 4012 dmio - ok
17:52:00.0406 4012 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:52:00.0578 4012 dmload - ok
17:52:00.0640 4012 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:52:00.0812 4012 dmserver - ok
17:52:00.0875 4012 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:52:01.0062 4012 DMusic - ok
17:52:01.0406 4012 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:52:01.0593 4012 Dnscache - ok
17:52:01.0890 4012 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:52:02.0140 4012 Dot3svc - ok
17:52:02.0140 4012 dpti2o - ok
17:52:02.0187 4012 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:52:02.0375 4012 drmkaud - ok
17:52:02.0406 4012 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:52:02.0593 4012 EapHost - ok
17:52:02.0875 4012 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:52:03.0062 4012 ERSvc - ok
17:52:03.0421 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:52:03.0468 4012 Eventlog - ok
17:52:03.0625 4012 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:52:03.0843 4012 EventSystem - ok
17:52:03.0921 4012 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:52:04.0093 4012 Fastfat - ok
17:52:04.0171 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:52:04.0250 4012 FastUserSwitchingCompatibility - ok
17:52:04.0312 4012 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:52:04.0546 4012 Fdc - ok
17:52:04.0593 4012 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:52:04.0765 4012 Fips - ok
17:52:04.0812 4012 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:52:04.0921 4012 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:52:04.0921 4012 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:52:04.0953 4012 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:52:05.0125 4012 Flpydisk - ok
17:52:05.0218 4012 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:52:05.0390 4012 FltMgr - ok
17:52:05.0484 4012 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:52:05.0515 4012 FontCache3.0.0.0 - ok
17:52:05.0546 4012 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:52:05.0703 4012 Fs_Rec - ok
17:52:05.0734 4012 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:52:05.0890 4012 Ftdisk - ok
17:52:05.0937 4012 [ C6E3105B8C68C35CC1EB26A00FD1A8C6 ] gdrv C:\WINDOWS\gdrv.sys
17:52:07.0421 4012 gdrv - ok
17:52:07.0468 4012 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:52:07.0656 4012 Gpc - ok
17:52:07.0734 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:07.0750 4012 gupdate - ok
17:52:07.0750 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:07.0765 4012 gupdatem - ok
17:52:07.0828 4012 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:52:07.0984 4012 HDAudBus - ok
17:52:08.0062 4012 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:52:08.0218 4012 helpsvc - ok
17:52:08.0218 4012 HidServ - ok
17:52:08.0250 4012 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:52:08.0406 4012 HidUsb - ok
17:52:08.0437 4012 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:52:08.0593 4012 hkmsvc - ok
17:52:08.0593 4012 hpn - ok
17:52:08.0640 4012 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:52:09.0000 4012 HPZid412 - ok
17:52:09.0062 4012 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:52:09.0125 4012 HPZipr12 - ok
17:52:09.0171 4012 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:52:09.0250 4012 HPZius12 - ok
17:52:09.0296 4012 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:52:09.0328 4012 HTTP - ok
17:52:09.0375 4012 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:52:09.0531 4012 HTTPFilter - ok
17:52:09.0546 4012 i2omgmt - ok
17:52:09.0546 4012 i2omp - ok
17:52:09.0593 4012 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:52:09.0750 4012 i8042prt - ok
17:52:09.0937 4012 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:52:10.0390 4012 idsvc - ok
17:52:10.0437 4012 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:52:10.0609 4012 Imapi - ok
17:52:10.0656 4012 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:52:10.0843 4012 ImapiService - ok
17:52:10.0859 4012 ini910u - ok
17:52:11.0296 4012 [ 0CACDCBBC8E6F11E2865C47BFC509848 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:52:11.0703 4012 IntcAzAudAddService - ok
17:52:11.0718 4012 IntelIde - ok
17:52:11.0750 4012 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:52:11.0921 4012 Ip6Fw - ok
17:52:11.0953 4012 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:52:12.0140 4012 IpFilterDriver - ok
17:52:12.0171 4012 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:52:12.0312 4012 IpInIp - ok
17:52:12.0343 4012 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:52:12.0500 4012 IpNat - ok
17:52:12.0546 4012 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:52:12.0687 4012 IPSec - ok
17:52:12.0734 4012 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:52:12.0796 4012 IRENUM - ok
17:52:12.0828 4012 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:52:12.0968 4012 isapnp - ok
17:52:13.0000 4012 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:52:13.0156 4012 Kbdclass - ok
17:52:13.0187 4012 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:52:13.0343 4012 kbdhid - ok
17:52:13.0390 4012 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:52:13.0531 4012 kmixer - ok
17:52:13.0562 4012 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:52:13.0625 4012 KSecDD - ok
17:52:13.0656 4012 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:52:13.0703 4012 LanmanServer - ok
17:52:13.0750 4012 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:52:13.0828 4012 lanmanworkstation - ok
17:52:13.0828 4012 lbrtfdc - ok
17:52:13.0875 4012 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:52:14.0015 4012 LmHosts - ok
17:52:14.0187 4012 [ DABB24407D4EB8F1DF9F818683624176 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:52:14.0218 4012 LMIGuardianSvc - ok
17:52:14.0265 4012 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
17:52:14.0281 4012 LMIInfo - ok
17:52:14.0312 4012 [ 24597000FB888EE0558F24EC391732C4 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
17:52:14.0359 4012 LMIMaint - ok
17:52:14.0406 4012 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:52:14.0437 4012 lmimirr - ok
17:52:14.0437 4012 LMIRfsClientNP - ok
17:52:14.0484 4012 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:52:14.0500 4012 LMIRfsDriver - ok
17:52:14.0546 4012 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
17:52:14.0609 4012 LogMeIn - ok
17:52:14.0671 4012 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:52:14.0687 4012 MDM - ok
17:52:14.0718 4012 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:52:14.0890 4012 Messenger - ok
17:52:14.0921 4012 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:52:15.0062 4012 mnmdd - ok
17:52:15.0093 4012 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:52:15.0250 4012 mnmsrvc - ok
17:52:15.0281 4012 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:52:15.0437 4012 Modem - ok
17:52:15.0500 4012 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
17:52:15.0593 4012 Monfilt - ok
17:52:15.0671 4012 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:52:15.0828 4012 Mouclass - ok
17:52:15.0843 4012 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:52:15.0984 4012 mouhid - ok
17:52:16.0015 4012 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:52:16.0156 4012 MountMgr - ok
17:52:16.0171 4012 mraid35x - ok
17:52:16.0187 4012 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:52:16.0328 4012 MRxDAV - ok
17:52:16.0359 4012 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:52:16.0468 4012 MRxSmb - ok
17:52:16.0500 4012 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:52:16.0640 4012 MSDTC - ok
17:52:16.0656 4012 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:52:16.0812 4012 Msfs - ok
17:52:16.0812 4012 MSIServer - ok
17:52:16.0859 4012 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:52:17.0000 4012 MSKSSRV - ok
17:52:17.0015 4012 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:52:17.0171 4012 MSPCLOCK - ok
17:52:17.0218 4012 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:52:17.0343 4012 MSPQM - ok
17:52:17.0375 4012 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:52:17.0515 4012 mssmbios - ok
17:52:17.0546 4012 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:52:17.0593 4012 Mup - ok
17:52:17.0625 4012 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:52:17.0781 4012 napagent - ok
17:52:17.0812 4012 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:52:17.0968 4012 NDIS - ok
17:52:18.0000 4012 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:52:18.0031 4012 NdisTapi - ok
17:52:18.0078 4012 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:52:18.0203 4012 Ndisuio - ok
17:52:18.0218 4012 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:52:18.0656 4012 NdisWan - ok
17:52:18.0687 4012 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:52:18.0734 4012 NDProxy - ok
17:52:18.0750 4012 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:52:18.0890 4012 NetBIOS - ok
17:52:18.0921 4012 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:52:19.0078 4012 NetBT - ok
17:52:19.0125 4012 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:52:19.0250 4012 NetDDE - ok
17:52:19.0265 4012 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:52:19.0406 4012 NetDDEdsdm - ok
17:52:19.0421 4012 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:52:19.0562 4012 Netlogon - ok
17:52:19.0593 4012 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:52:19.0734 4012 Netman - ok
17:52:19.0781 4012 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:19.0812 4012 NetTcpPortSharing - ok
17:52:19.0859 4012 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:52:19.0875 4012 Nla - ok
17:52:19.0890 4012 NMSAccessU - ok
17:52:19.0921 4012 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:52:20.0062 4012 Npfs - ok
17:52:20.0093 4012 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:52:20.0312 4012 Ntfs - ok
17:52:20.0328 4012 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:52:20.0468 4012 NtLmSsp - ok
17:52:20.0500 4012 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:52:20.0656 4012 NtmsSvc - ok
17:52:20.0687 4012 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:52:20.0843 4012 Null - ok
17:52:20.0890 4012 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:52:21.0031 4012 NwlnkFlt - ok
17:52:21.0062 4012 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:52:21.0218 4012 NwlnkFwd - ok
17:52:21.0234 4012 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:52:21.0375 4012 Parport - ok
17:52:21.0390 4012 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:52:21.0531 4012 PartMgr - ok
17:52:21.0546 4012 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:52:21.0687 4012 ParVdm - ok
17:52:21.0734 4012 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:52:21.0906 4012 PCI - ok
17:52:21.0906 4012 PCIDump - ok
17:52:21.0953 4012 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:52:22.0078 4012 PCIIde - ok
17:52:22.0109 4012 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:52:22.0281 4012 Pcmcia - ok
17:52:22.0281 4012 PDCOMP - ok
17:52:22.0296 4012 PDFRAME - ok
17:52:22.0312 4012 PDRELI - ok
17:52:22.0312 4012 PDRFRAME - ok
17:52:22.0328 4012 perc2 - ok
17:52:22.0343 4012 perc2hib - ok
17:52:22.0375 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:52:22.0406 4012 PlugPlay - ok
17:52:22.0421 4012 [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:52:22.0500 4012 Pml Driver HPZ12 - ok
17:52:22.0515 4012 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:52:22.0656 4012 PolicyAgent - ok
17:52:22.0671 4012 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:52:22.0843 4012 PptpMiniport - ok
17:52:22.0875 4012 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:52:23.0031 4012 Processor - ok
17:52:23.0062 4012 [ 4AA86B6F5FDF5ED32ADC723B0E5B052D ] prodrv04 C:\WINDOWS\System32\drivers\prodrv04.sys
17:52:23.0062 4012 prodrv04 ( UnsignedFile.Multi.Generic ) - warning
17:52:23.0062 4012 prodrv04 - detected UnsignedFile.Multi.Generic (1)
17:52:23.0078 4012 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:52:23.0234 4012 ProtectedStorage - ok
17:52:23.0250 4012 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:52:23.0390 4012 PSched - ok
17:52:23.0406 4012 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:52:23.0562 4012 Ptilink - ok
17:52:23.0609 4012 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:52:23.0625 4012 PxHelp20 - ok
17:52:23.0625 4012 ql1080 - ok
17:52:23.0640 4012 Ql10wnt - ok
17:52:23.0640 4012 ql12160 - ok
17:52:23.0656 4012 ql1240 - ok
17:52:23.0671 4012 ql1280 - ok
17:52:23.0687 4012 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:52:23.0828 4012 RasAcd - ok
17:52:23.0875 4012 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:52:24.0000 4012 RasAuto - ok
17:52:24.0031 4012 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:52:24.0171 4012 Rasl2tp - ok
17:52:24.0187 4012 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:52:24.0328 4012 RasMan - ok
17:52:24.0343 4012 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:52:24.0484 4012 RasPppoe - ok
17:52:24.0500 4012 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:52:24.0640 4012 Raspti - ok
17:52:24.0656 4012 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:52:24.0796 4012 Rdbss - ok
17:52:24.0796 4012 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:52:24.0937 4012 RDPCDD - ok
17:52:25.0000 4012 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:52:25.0140 4012 rdpdr - ok
17:52:25.0203 4012 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:52:25.0250 4012 RDPWD - ok
17:52:25.0281 4012 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:52:25.0421 4012 RDSessMgr - ok
17:52:25.0437 4012 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:52:25.0593 4012 redbook - ok
17:52:25.0625 4012 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:52:25.0750 4012 RemoteAccess - ok
17:52:25.0781 4012 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:52:25.0921 4012 RemoteRegistry - ok
17:52:25.0937 4012 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:52:26.0109 4012 RpcLocator - ok
17:52:26.0140 4012 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:52:26.0203 4012 RpcSs - ok
17:52:26.0234 4012 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:52:26.0406 4012 RSVP - ok
17:52:26.0437 4012 [ 6FC7DDF3B8D94FBA7AC664452D6478D4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:52:26.0500 4012 RTLE8023xp - ok
17:52:26.0562 4012 [ 9F6B9F66223B1265ED66D005D93E539D ] RTLTEAMING C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
17:52:26.0562 4012 RTLTEAMING ( UnsignedFile.Multi.Generic ) - warning
17:52:26.0562 4012 RTLTEAMING - detected UnsignedFile.Multi.Generic (1)
17:52:26.0593 4012 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:52:26.0734 4012 SamSs - ok
17:52:26.0765 4012 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:52:26.0921 4012 SCardSvr - ok
17:52:26.0968 4012 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:52:27.0109 4012 Schedule - ok
17:52:27.0125 4012 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:52:27.0187 4012 Secdrv - ok
17:52:27.0218 4012 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:52:27.0359 4012 seclogon - ok
17:52:27.0375 4012 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:52:27.0531 4012 SENS - ok
17:52:27.0546 4012 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:52:27.0671 4012 serenum - ok
17:52:27.0687 4012 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:52:27.0828 4012 Serial - ok
17:52:27.0859 4012 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:52:28.0000 4012 Sfloppy - ok
17:52:28.0046 4012 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:52:28.0171 4012 SharedAccess - ok
17:52:28.0203 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:52:28.0234 4012 ShellHWDetection - ok
17:52:28.0234 4012 Simbad - ok
17:52:28.0250 4012 Sparrow - ok
17:52:28.0281 4012 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:52:28.0421 4012 splitter - ok
17:52:28.0453 4012 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:52:28.0500 4012 Spooler - ok
17:52:28.0546 4012 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
17:52:28.0562 4012 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
17:52:28.0578 4012 sptd ( LockedFile.Multi.Generic ) - warning
17:52:28.0578 4012 sptd - detected LockedFile.Multi.Generic (1)
17:52:28.0625 4012 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:52:28.0671 4012 sr - ok
17:52:28.0703 4012 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:52:28.0765 4012 srservice - ok
17:52:28.0812 4012 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:52:28.0875 4012 Srv - ok
17:52:28.0921 4012 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:52:29.0015 4012 SSDPSRV - ok
17:52:29.0046 4012 Steam Client Service - ok
17:52:29.0078 4012 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:52:29.0203 4012 StillCam - ok
17:52:29.0265 4012 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:52:29.0453 4012 stisvc - ok
17:52:29.0468 4012 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:52:29.0593 4012 swenum - ok
17:52:29.0625 4012 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:52:29.0781 4012 swmidi - ok
17:52:29.0781 4012 SwPrv - ok
17:52:29.0796 4012 symc810 - ok
17:52:29.0796 4012 symc8xx - ok
17:52:29.0812 4012 sym_hi - ok
17:52:29.0828 4012 sym_u3 - ok
17:52:29.0843 4012 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:52:29.0968 4012 sysaudio - ok
17:52:30.0000 4012 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:52:30.0140 4012 SysmonLog - ok
17:52:30.0171 4012 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:52:30.0312 4012 TapiSrv - ok
17:52:30.0359 4012 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:52:30.0437 4012 Tcpip - ok
17:52:30.0468 4012 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:52:30.0609 4012 TDPIPE - ok
17:52:30.0609 4012 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:52:30.0750 4012 TDTCP - ok
17:52:30.0781 4012 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:52:30.0937 4012 TermDD - ok
17:52:30.0968 4012 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:52:31.0109 4012 TermService - ok
17:52:31.0125 4012 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:52:31.0156 4012 Themes - ok
17:52:31.0187 4012 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:52:31.0250 4012 TlntSvr - ok
17:52:31.0250 4012 TosIde - ok
17:52:31.0281 4012 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:52:31.0421 4012 TrkWks - ok
17:52:31.0453 4012 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:52:31.0625 4012 Udfs - ok
17:52:31.0687 4012 [ 4BD2C322118A2470B450492A0C3302F9 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
17:52:31.0703 4012 UleadBurningHelper - ok
17:52:31.0703 4012 ultra - ok
17:52:31.0765 4012 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:52:31.0937 4012 Update - ok
17:52:31.0968 4012 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:52:32.0031 4012 upnphost - ok
17:52:32.0046 4012 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:52:32.0203 4012 UPS - ok
17:52:32.0250 4012 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:52:32.0406 4012 usbccgp - ok
17:52:32.0421 4012 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:52:32.0562 4012 usbehci - ok
17:52:32.0578 4012 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:52:32.0734 4012 usbhub - ok
17:52:32.0781 4012 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:52:32.0921 4012 usbohci - ok
17:52:32.0937 4012 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:52:33.0062 4012 usbprint - ok
17:52:33.0125 4012 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:52:33.0265 4012 usbscan - ok
17:52:33.0312 4012 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:52:33.0437 4012 USBSTOR - ok
17:52:33.0468 4012 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:52:33.0625 4012 VgaSave - ok
17:52:33.0640 4012 ViaIde - ok
17:52:33.0687 4012 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
17:52:33.0703 4012 VideoDownloadConverter_4zService - ok
17:52:33.0718 4012 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:52:33.0859 4012 VolSnap - ok
17:52:33.0890 4012 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:52:34.0015 4012 VSS - ok
17:52:34.0078 4012 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:52:34.0250 4012 W32Time - ok
17:52:34.0281 4012 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:52:34.0890 4012 Wanarp - ok
17:52:34.0906 4012 WDICA - ok
17:52:34.0937 4012 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:52:35.0078 4012 wdmaud - ok
17:52:35.0093 4012 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:52:35.0312 4012 WebClient - ok
17:52:35.0453 4012 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:52:35.0578 4012 winmgmt - ok
17:52:35.0687 4012 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:52:35.0734 4012 WmdmPmSN - ok
17:52:35.0937 4012 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:52:36.0281 4012 Wmi - ok
17:52:36.0328 4012 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:52:36.0562 4012 WmiAcpi - ok
17:52:36.0625 4012 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:52:36.0812 4012 WmiApSrv - ok
17:52:37.0109 4012 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:52:37.0625 4012 WMPNetworkSvc - ok
17:52:37.0671 4012 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:52:37.0734 4012 WpdUsb - ok
17:52:37.0796 4012 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:52:38.0015 4012 wscsvc - ok
17:52:38.0062 4012 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:52:38.0203 4012 wuauserv - ok
17:52:38.0234 4012 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:52:38.0250 4012 WudfPf - ok
17:52:38.0281 4012 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:52:38.0359 4012 WudfRd - ok
17:52:38.0390 4012 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:52:38.0546 4012 WudfSvc - ok
17:52:38.0640 4012 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:52:38.0843 4012 WZCSVC - ok
17:52:38.0906 4012 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:52:39.0421 4012 xmlprov - ok
17:52:39.0421 4012 ================ Scan global ===============================
17:52:39.0578 4012 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:52:40.0312 4012 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:52:40.0578 4012 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:52:40.0593 4012 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:52:40.0593 4012 [Global] - ok
17:52:40.0593 4012 ================ Scan MBR ==================================
17:52:40.0656 4012 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:52:44.0062 4012 \Device\Harddisk0\DR0 - ok
17:52:44.0062 4012 ================ Scan VBR ==================================
17:52:44.0078 4012 [ A9BE46D5D655B44C1B69DB056854334C ] \Device\Harddisk0\DR0\Partition1
17:52:44.0078 4012 \Device\Harddisk0\DR0\Partition1 - ok
17:52:44.0078 4012 ============================================================
17:52:44.0078 4012 Scan finished
17:52:44.0078 4012 ============================================================
17:52:44.0203 4004 Detected object count: 5
17:52:44.0203 4004 Actual detected object count: 5
17:53:05.0234 4004 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0234 4004 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0234 4004 prodrv04 ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0234 4004 prodrv04 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0250 4004 RTLTEAMING ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:05.0250 4004 RTLTEAMING ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:53:05.0250 4004 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:53:05.0250 4004 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Re: Prosím o kontrolu logu
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe
Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe
Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Na plose vznikne log Rkill.txt ten mi sem vlozte
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 01/03/2013 07:41:57 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 localhost
::1 localhost
Program finished at: 01/03/2013 07:42:38 PM
Execution time: 0 hours(s), 0 minute(s), and 41 seconds(s)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 01/03/2013 07:41:57 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 localhost
::1 localhost
Program finished at: 01/03/2013 07:42:38 PM
Execution time: 0 hours(s), 0 minute(s), and 41 seconds(s)
Re: Prosím o kontrolu logu
ComboFix 13-01-03.05 - Administrator 03.01.2013 20:50:23.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.266 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator.AMDX2\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\Install.exe
C:\readme.rtf
C:\SETUP.BAT
C:\WA6P
C:\WA7P
c:\windows\EventSystem.log
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-03 do 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-03 18:47 . 2013-01-03 18:47 -------- d-----w- c:\documents and settings\Administrator.AMDX2
2013-01-03 18:38 . 2013-01-03 18:38 -------- d-----w- c:\documents and settings\LogMeInRemoteUser
2013-01-03 16:46 . 2013-01-03 16:46 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-03 16:14 . 2012-12-18 08:33 53240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2013-01-03 16:14 . 2012-12-18 08:33 31736 ----a-w- c:\windows\system32\LMIport.dll
2013-01-03 16:14 . 2012-12-18 08:33 84504 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2013-01-03 16:14 . 2012-11-29 10:56 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2013-01-03 16:14 . 2012-12-18 08:33 92664 ----a-w- c:\windows\system32\LMIinit.dll
2013-01-03 16:13 . 2013-01-03 18:38 -------- d-----w- c:\program files\LogMeIn
2013-01-03 15:47 . 2013-01-03 15:52 -------- d-----w- c:\program files\trend micro
2013-01-03 15:47 . 2013-01-03 15:52 -------- d-----w- C:\rsit
2013-01-03 08:58 . 2013-01-03 20:03 1409 ----a-w- c:\windows\QTFont.for
2013-01-02 17:05 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-02 17:05 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-02 17:05 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-01-02 17:05 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-02 17:05 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-02 17:05 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-01-02 17:05 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-01-02 17:05 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-01-02 17:04 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-02 17:04 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-02 17:03 . 2013-01-02 17:03 -------- d-----w- c:\program files\AVAST Software
2012-12-31 14:17 . 2012-12-31 14:17 -------- d-----w- c:\program files\Cenega Czech
2012-12-31 14:17 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-12-31 14:17 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-12-31 14:17 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-12-31 14:17 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-12-31 14:17 . 2012-12-31 14:17 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-12-31 14:17 . 2002-12-05 13:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-12-31 14:17 . 2012-12-31 14:17 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-12-26 19:41 . 2012-12-26 19:44 -------- d-----w- c:\program files\PhotoFiltre Studio X
2012-12-26 19:35 . 2012-12-26 19:35 -------- d-----w- c:\program files\Video Download Converter
2012-12-26 19:35 . 2012-12-26 19:37 -------- d-----w- c:\program files\VideoDownloadConverter_4z
2012-12-16 06:02 . 2012-12-16 06:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikac
2012-12-09 08:34 . 2012-12-09 08:34 -------- d-----w- c:\windows\Profiles
2012-12-08 19:01 . 2012-12-08 19:01 114496 ----a-w- c:\windows\system32\drivers\prodrv04.sys
2012-12-08 18:56 . 2012-12-16 06:14 -------- d-----w- c:\program files\Red Storm Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-03 16:47 . 2008-04-14 05:35 188288 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-12-16 12:23 . 2008-04-14 06:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-29 10:56 . 2012-11-29 10:56 25248 ----a-w- c:\windows\system32\lmimirr.dll
2012-11-29 10:56 . 2012-11-29 10:56 11552 ----a-w- c:\windows\system32\lmimirr2.dll
2012-11-29 10:56 . 2012-11-29 10:56 10144 ----a-w- c:\windows\system32\drivers\lmimirr.sys
2012-11-13 11:55 . 2008-04-14 05:45 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:03 . 2008-04-14 06:51 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 12:12 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 00:35 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 77824]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-11-08 188416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"VideoDownloadConverter Search Scope Monitor"="c:\progra~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" [2012-12-26 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\VIDEOD~2\bar\1.bin\4zbrmon.exe" [2012-12-26 30096]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-11-29 63048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\x\Nabídka Start\Programy\Po spuštění\
Quick Office.lnk - c:\windows\system32\portmap.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-12-18 08:33 92664 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Grand Prix 4\\GP4.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS\\Dokumenty\\Norton\\{NISADO-B185-4abb-B07C-C084B04B4F12}\\Age Of Empires 2 & The Conquerors(cz)no instal\\age2_x1.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS\\Dokumenty\\Norton\\{NISADO-B185-4abb-B07C-C084B04B4F12}\\Age Of Empires 2 & The Conquerors(cz)no instal\\empires2.exe"=
"c:\\Program Files\\Counter-Strike 1.6 Non-Steam\\hl.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.2.2010 17:22 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [12.8.2012 16:40 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2.1.2013 18:05 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.1.2013 18:05 361032]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [8.12.2012 20:01 114496]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.1.2013 18:05 21256]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [18.12.2012 9:32 375296]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [29.11.2012 11:56 12856]
S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [26.12.2012 20:35 42504]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.2.2010 17:40 1684736]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [9.2.2010 18:11 28800]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-03 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-01-03 22:50]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-01 00:48]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-01 00:48]
.
2013-01-03 c:\windows\Tasks\User_Feed_Synchronization-{19946800-5297-4F1C-AB0B-19F5B7CEEC0B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
SafeBoot-45453658.sys
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0405.EXE
AddRemove-All ATI Software - c:\program files\ATI Technologies\UninstallAll\AtiCimUn.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-Clovece3D - c:\documents and settings\uživatel.AMDX2\Plocha\hry\Clovece3D\uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-iMesh - c:\program files\iMesh Applications\iMesh\UninstallSurvey.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-03 21:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(816)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'explorer.exe'(3828)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-01-03 21:18:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-03 20:18
.
Před spuštěním: Volných bajtů: 17 512 955 904
Po spuštění: Volných bajtů: 17 462 444 032
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /noexecute=optin
.
- - End Of File - - 4E40BB2AC8C488D30AE149FC9A27828C
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.266 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator.AMDX2\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\Install.exe
C:\readme.rtf
C:\SETUP.BAT
C:\WA6P
C:\WA7P
c:\windows\EventSystem.log
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-03 do 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-03 18:47 . 2013-01-03 18:47 -------- d-----w- c:\documents and settings\Administrator.AMDX2
2013-01-03 18:38 . 2013-01-03 18:38 -------- d-----w- c:\documents and settings\LogMeInRemoteUser
2013-01-03 16:46 . 2013-01-03 16:46 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-03 16:14 . 2012-12-18 08:33 53240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2013-01-03 16:14 . 2012-12-18 08:33 31736 ----a-w- c:\windows\system32\LMIport.dll
2013-01-03 16:14 . 2012-12-18 08:33 84504 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2013-01-03 16:14 . 2012-11-29 10:56 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2013-01-03 16:14 . 2012-12-18 08:33 92664 ----a-w- c:\windows\system32\LMIinit.dll
2013-01-03 16:13 . 2013-01-03 18:38 -------- d-----w- c:\program files\LogMeIn
2013-01-03 15:47 . 2013-01-03 15:52 -------- d-----w- c:\program files\trend micro
2013-01-03 15:47 . 2013-01-03 15:52 -------- d-----w- C:\rsit
2013-01-03 08:58 . 2013-01-03 20:03 1409 ----a-w- c:\windows\QTFont.for
2013-01-02 17:05 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-02 17:05 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-02 17:05 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-01-02 17:05 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-02 17:05 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-02 17:05 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-01-02 17:05 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-01-02 17:05 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-01-02 17:04 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-02 17:04 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-02 17:03 . 2013-01-02 17:03 -------- d-----w- c:\program files\AVAST Software
2012-12-31 14:17 . 2012-12-31 14:17 -------- d-----w- c:\program files\Cenega Czech
2012-12-31 14:17 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-12-31 14:17 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-12-31 14:17 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-12-31 14:17 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-12-31 14:17 . 2012-12-31 14:17 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-12-31 14:17 . 2002-12-05 13:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-12-31 14:17 . 2012-12-31 14:17 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-12-26 19:41 . 2012-12-26 19:44 -------- d-----w- c:\program files\PhotoFiltre Studio X
2012-12-26 19:35 . 2012-12-26 19:35 -------- d-----w- c:\program files\Video Download Converter
2012-12-26 19:35 . 2012-12-26 19:37 -------- d-----w- c:\program files\VideoDownloadConverter_4z
2012-12-16 06:02 . 2012-12-16 06:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikac
2012-12-09 08:34 . 2012-12-09 08:34 -------- d-----w- c:\windows\Profiles
2012-12-08 19:01 . 2012-12-08 19:01 114496 ----a-w- c:\windows\system32\drivers\prodrv04.sys
2012-12-08 18:56 . 2012-12-16 06:14 -------- d-----w- c:\program files\Red Storm Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-03 16:47 . 2008-04-14 05:35 188288 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-12-16 12:23 . 2008-04-14 06:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-29 10:56 . 2012-11-29 10:56 25248 ----a-w- c:\windows\system32\lmimirr.dll
2012-11-29 10:56 . 2012-11-29 10:56 11552 ----a-w- c:\windows\system32\lmimirr2.dll
2012-11-29 10:56 . 2012-11-29 10:56 10144 ----a-w- c:\windows\system32\drivers\lmimirr.sys
2012-11-13 11:55 . 2008-04-14 05:45 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:03 . 2008-04-14 06:51 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 12:12 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 00:35 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 77824]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-11-08 188416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"VideoDownloadConverter Search Scope Monitor"="c:\progra~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" [2012-12-26 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\VIDEOD~2\bar\1.bin\4zbrmon.exe" [2012-12-26 30096]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-11-29 63048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\x\Nabídka Start\Programy\Po spuštění\
Quick Office.lnk - c:\windows\system32\portmap.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-12-18 08:33 92664 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Grand Prix 4\\GP4.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS\\Dokumenty\\Norton\\{NISADO-B185-4abb-B07C-C084B04B4F12}\\Age Of Empires 2 & The Conquerors(cz)no instal\\age2_x1.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS\\Dokumenty\\Norton\\{NISADO-B185-4abb-B07C-C084B04B4F12}\\Age Of Empires 2 & The Conquerors(cz)no instal\\empires2.exe"=
"c:\\Program Files\\Counter-Strike 1.6 Non-Steam\\hl.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.2.2010 17:22 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [12.8.2012 16:40 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2.1.2013 18:05 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.1.2013 18:05 361032]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [8.12.2012 20:01 114496]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.1.2013 18:05 21256]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [18.12.2012 9:32 375296]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [29.11.2012 11:56 12856]
S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [26.12.2012 20:35 42504]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.2.2010 17:40 1684736]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [9.2.2010 18:11 28800]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-03 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-01-03 22:50]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-01 00:48]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-01 00:48]
.
2013-01-03 c:\windows\Tasks\User_Feed_Synchronization-{19946800-5297-4F1C-AB0B-19F5B7CEEC0B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
SafeBoot-45453658.sys
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0405.EXE
AddRemove-All ATI Software - c:\program files\ATI Technologies\UninstallAll\AtiCimUn.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-Clovece3D - c:\documents and settings\uživatel.AMDX2\Plocha\hry\Clovece3D\uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-iMesh - c:\program files\iMesh Applications\iMesh\UninstallSurvey.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-03 21:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(816)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'explorer.exe'(3828)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-01-03 21:18:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-03 20:18
.
Před spuštěním: Volných bajtů: 17 512 955 904
Po spuštění: Volných bajtů: 17 462 444 032
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /noexecute=optin
.
- - End Of File - - 4E40BB2AC8C488D30AE149FC9A27828C
Re: Prosím o kontrolu logu
Prosím jak to vypadá po ComboFixu podle logu?
Re: Prosím o kontrolu logu
Date log a za pul hodiny jste uz nervozni proc se tomu nikdo nevenuje...My jsme tu zdarma a ve svem volnem case, ja si docela rad po praci kdyz prijdu domu dam sprchu a jidlo... Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Dobré ráno,
já ten log poslal hned jak se udělal scan Combofixem. Trvalo to opravdu tak dlouho.. Jinak nervózní nejsem, protože jsem rád že mi pomůžete
níže posílám log z AdwCleaner:
# AdwCleaner v2.104 - Logfile created 01/04/2013 at 10:40:10
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uživatel - AMDX2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\uživatel.AMDX2\Plocha\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\WINDOWS\system32\conduitEngine.tmp
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Winamp Toolbar
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\iMesh Applications\Mediabar
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\Software\Winamp Toolbar
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^HJ^xdm007^YY^cz&ptb=F70352B0-4C51-4559-A3BC-5E73E55153AE&si=CLeC8KPouLQCFUxY3god5n8ANA
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60040
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Opera v12.12.1707.0
*************************
AdwCleaner[R1].txt - [13761 octets] - [04/01/2013 10:40:10]
########## EOF - C:\AdwCleaner[R1].txt - [13822 octets] ##########
já ten log poslal hned jak se udělal scan Combofixem. Trvalo to opravdu tak dlouho.. Jinak nervózní nejsem, protože jsem rád že mi pomůžete níže posílám log z AdwCleaner:# AdwCleaner v2.104 - Logfile created 01/04/2013 at 10:40:10
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uživatel - AMDX2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\uživatel.AMDX2\Plocha\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\WINDOWS\system32\conduitEngine.tmp
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Winamp Toolbar
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\iMesh Applications\Mediabar
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Found : HKLM\Software\Winamp Toolbar
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKU\S-1-5-21-1606980848-1547161642-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^HJ^xdm007^YY^cz&ptb=F70352B0-4C51-4559-A3BC-5E73E55153AE&si=CLeC8KPouLQCFUxY3god5n8ANA
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60040
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Opera v12.12.1707.0
*************************
AdwCleaner[R1].txt - [13761 octets] - [04/01/2013 10:40:10]
########## EOF - C:\AdwCleaner[R1].txt - [13822 octets] ##########
Re: Prosím o kontrolu logu
Dal jste log a uz za pul hodiny jste se ptal, jak to s nim vypada 
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
ahaa tak jste to myslel, no ale v tu chvili jsem nebyl nervozni , jen jsem prosil o kontrolu logu...log po delete:
# AdwCleaner v2.104 - Logfile created 01/04/2013 at 11:48:32
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uživatel - AMDX2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\uživatel.AMDX2\Plocha\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Winamp Toolbar
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\iMesh Applications\Mediabar
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\Software\Winamp Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^HJ^xdm007^YY^cz&ptb=F70352B0-4C51-4559-A3BC-5E73E55153AE&si=CLeC8KPouLQCFUxY3god5n8ANA --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60040 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Opera v12.12.1707.0
*************************
AdwCleaner[R1].txt - [13892 octets] - [04/01/2013 10:40:10]
AdwCleaner[S1].txt - [12979 octets] - [04/01/2013 11:48:32]
########## EOF - C:\AdwCleaner[S1].txt - [13040 octets] ##########
Přispějete na provoz fóra?