Eset hlásí trojáka v operační paměti

Zpráva

feraf · #1 Příspěvek od **feraf** » 06 lis 2013 14:09

Dobrý den, tento troják eset nedokáže vyléčit a nechce se mi zrovna odinstalovávat framework. jak hotedy mám odstranit?

#2 Příspěvek od **vyosek** » 06 lis 2013 14:13

Zdravim

Predpokladam, ze ten ESET jak ma byt = zakoupena licence

Ten log jste nemusel odmazavat

Pouzivate legalni Microsoft Office??

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V okne Additional Option zakliknete vsechny moznosti
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

feraf · #3 Příspěvek od **feraf** » 06 lis 2013 14:23

Ano eset je koupený a office jsem odinstalnul.
14:20:34.0142 6700 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:20:36.0226 6700 ============================================================
14:20:36.0226 6700 Current date / time: 2013/11/06 14:20:36.0226
14:20:36.0226 6700 SystemInfo:
14:20:36.0226 6700
14:20:36.0226 6700 OS Version: 6.1.7601 ServicePack: 1.0
14:20:36.0226 6700 Product type: Workstation
14:20:36.0226 6700 ComputerName: FERAF-NB
14:20:36.0227 6700 UserName: Admin
14:20:36.0227 6700 Windows directory: C:\Windows
14:20:36.0227 6700 System windows directory: C:\Windows
14:20:36.0227 6700 Running under WOW64
14:20:36.0227 6700 Processor architecture: Intel x64
14:20:36.0227 6700 Number of processors: 8
14:20:36.0227 6700 Page size: 0x1000
14:20:36.0227 6700 Boot type: Normal boot
14:20:36.0227 6700 ============================================================
14:20:36.0886 6700 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:20:36.0938 6700 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:20:36.0987 6700 ============================================================
14:20:36.0987 6700 \Device\Harddisk0\DR0:
14:20:36.0987 6700 MBR partitions:
14:20:36.0987 6700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x26357000
14:20:37.0001 6700 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x29558000, BlocksNum 0x2DFEE000
14:20:37.0001 6700 \Device\Harddisk1\DR1:
14:20:37.0002 6700 MBR partitions:
14:20:37.0002 6700 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
14:20:37.0002 6700 ============================================================
14:20:37.0034 6700 C: <-> \Device\Harddisk0\DR0\Partition1
14:20:37.0070 6700 D: <-> \Device\Harddisk0\DR0\Partition2
14:20:37.0088 6700 E: <-> \Device\Harddisk1\DR1\Partition1
14:20:37.0089 6700 ============================================================
14:20:37.0089 6700 Initialize success
14:20:37.0089 6700 ============================================================
14:21:05.0404 2776 ============================================================
14:21:05.0404 2776 Scan started
14:21:05.0404 2776 Mode: Manual; SigCheck; TDLFS;
14:21:05.0404 2776 ============================================================
14:21:05.0821 2776 ================ Scan system memory ========================
14:21:05.0821 2776 System memory - ok
14:21:05.0822 2776 ================ Scan services =============================
14:21:05.0951 2776 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:21:06.0029 2776 1394ohci - ok
14:21:06.0060 2776 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:21:06.0073 2776 ACPI - ok
14:21:06.0086 2776 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:21:06.0099 2776 AcpiPmi - ok
14:21:06.0184 2776 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:21:06.0214 2776 AdobeARMservice - ok
14:21:06.0274 2776 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:21:06.0290 2776 AdobeFlashPlayerUpdateSvc - ok
14:21:06.0312 2776 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:21:06.0327 2776 adp94xx - ok
14:21:06.0340 2776 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:21:06.0353 2776 adpahci - ok
14:21:06.0367 2776 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:21:06.0378 2776 adpu320 - ok
14:21:06.0396 2776 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:21:06.0426 2776 AeLookupSvc - ok
14:21:06.0452 2776 [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent C:\Windows\system32\FBAgent.exe
14:21:06.0603 2776 AFBAgent - ok
14:21:06.0651 2776 [ 314C17917AC8523EC77A710215012A65 ] AFD C:\Windows\system32\drivers\afd.sys
14:21:06.0680 2776 AFD - ok
14:21:06.0699 2776 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:21:06.0716 2776 agp440 - ok
14:21:06.0733 2776 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:21:06.0745 2776 ALG - ok
14:21:06.0762 2776 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:21:06.0770 2776 aliide - ok
14:21:06.0780 2776 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:21:06.0788 2776 amdide - ok
14:21:06.0804 2776 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:21:06.0813 2776 AmdK8 - ok
14:21:06.0825 2776 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:21:06.0835 2776 AmdPPM - ok
14:21:06.0858 2776 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:21:06.0867 2776 amdsata - ok
14:21:06.0884 2776 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:21:06.0895 2776 amdsbs - ok
14:21:06.0904 2776 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:21:06.0912 2776 amdxata - ok
14:21:06.0937 2776 [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
14:21:06.0946 2776 AmUStor - ok
14:21:06.0958 2776 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:21:06.0986 2776 AppID - ok
14:21:07.0011 2776 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:21:07.0040 2776 AppIDSvc - ok
14:21:07.0067 2776 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
14:21:07.0078 2776 Appinfo - ok
14:21:07.0087 2776 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:21:07.0099 2776 AppMgmt - ok
14:21:07.0110 2776 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:21:07.0119 2776 arc - ok
14:21:07.0133 2776 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:21:07.0143 2776 arcsas - ok
14:21:07.0178 2776 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
14:21:07.0204 2776 ASLDRService - ok
14:21:07.0212 2776 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
14:21:07.0221 2776 ASMMAP64 - ok
14:21:07.0321 2776 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:21:07.0354 2776 aspnet_state - ok
14:21:07.0367 2776 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:21:07.0403 2776 AsyncMac - ok
14:21:07.0416 2776 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:21:07.0424 2776 atapi - ok
14:21:07.0449 2776 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
14:21:07.0459 2776 AthBTPort - ok
14:21:07.0491 2776 [ A6307F356D778E18A76E7783EF98C6AA ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
14:21:07.0496 2776 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
14:21:07.0496 2776 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
14:21:07.0515 2776 [ 749FF240DEDAFAFF94288E0307104DF3 ] AtherosSvc C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
14:21:07.0519 2776 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
14:21:07.0520 2776 AtherosSvc - detected UnsignedFile.Multi.Generic (1)
14:21:07.0575 2776 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:21:07.0614 2776 athr - ok
14:21:07.0636 2776 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
14:21:07.0646 2776 ATKGFNEXSrv - ok
14:21:07.0669 2776 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
14:21:07.0677 2776 ATKWMIACPIIO - ok
14:21:07.0705 2776 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:21:07.0740 2776 AudioEndpointBuilder - ok
14:21:07.0763 2776 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:21:07.0796 2776 AudioSrv - ok
14:21:07.0849 2776 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
14:21:07.0870 2776 Autodesk Content Service - ok
14:21:07.0887 2776 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:21:07.0921 2776 AxInstSV - ok
14:21:07.0953 2776 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:21:07.0977 2776 b06bdrv - ok
14:21:08.0002 2776 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:21:08.0022 2776 b57nd60a - ok
14:21:08.0042 2776 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:21:08.0059 2776 BDESVC - ok
14:21:08.0067 2776 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:21:08.0100 2776 Beep - ok
14:21:08.0117 2776 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:21:08.0150 2776 BFE - ok
14:21:08.0188 2776 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:21:08.0224 2776 BITS - ok
14:21:08.0239 2776 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:21:08.0250 2776 blbdrive - ok
14:21:08.0275 2776 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:21:08.0286 2776 bowser - ok
14:21:08.0294 2776 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:21:08.0306 2776 BrFiltLo - ok
14:21:08.0320 2776 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:21:08.0331 2776 BrFiltUp - ok
14:21:08.0343 2776 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:21:08.0373 2776 BridgeMP - ok
14:21:08.0393 2776 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:21:08.0404 2776 Browser - ok
14:21:08.0422 2776 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:21:08.0434 2776 Brserid - ok
14:21:08.0449 2776 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:21:08.0460 2776 BrSerWdm - ok
14:21:08.0467 2776 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:21:08.0478 2776 BrUsbMdm - ok
14:21:08.0484 2776 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:21:08.0495 2776 BrUsbSer - ok
14:21:08.0520 2776 [ 227C8F308DE4AF4808E587465CEAB838 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
14:21:08.0532 2776 BTATH_A2DP - ok
14:21:08.0545 2776 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
14:21:08.0554 2776 BTATH_BUS - ok
14:21:08.0572 2776 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
14:21:08.0582 2776 BTATH_HCRP - ok
14:21:08.0593 2776 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
14:21:08.0603 2776 BTATH_LWFLT - ok
14:21:08.0617 2776 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
14:21:08.0627 2776 BTATH_RCP - ok
14:21:08.0641 2776 [ 486720DA2B3BB13D1080C83140C18B56 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
14:21:08.0654 2776 BtFilter - ok
14:21:08.0673 2776 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:21:08.0682 2776 BthEnum - ok
14:21:08.0708 2776 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:21:08.0720 2776 BTHMODEM - ok
14:21:08.0730 2776 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:21:08.0742 2776 BthPan - ok
14:21:08.0778 2776 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:21:08.0792 2776 BTHPORT - ok
14:21:08.0819 2776 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:21:08.0869 2776 bthserv - ok
14:21:08.0882 2776 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:21:08.0891 2776 BTHUSB - ok
14:21:08.0911 2776 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:21:08.0940 2776 cdfs - ok
14:21:08.0950 2776 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:21:08.0962 2776 cdrom - ok
14:21:08.0973 2776 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:21:09.0003 2776 CertPropSvc - ok
14:21:09.0011 2776 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:21:09.0023 2776 circlass - ok
14:21:09.0040 2776 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:21:09.0053 2776 CLFS - ok
14:21:09.0133 2776 [ DB26C2BA2AC0AB6BE1CFA59F61CE22DA ] CLHNServiceForPowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
14:21:09.0155 2776 CLHNServiceForPowerDVD - ok
14:21:09.0197 2776 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:21:09.0210 2776 clr_optimization_v2.0.50727_32 - ok
14:21:09.0242 2776 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:21:09.0264 2776 clr_optimization_v2.0.50727_64 - ok
14:21:09.0311 2776 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:21:09.0340 2776 clr_optimization_v4.0.30319_32 - ok
14:21:09.0350 2776 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:21:09.0366 2776 clr_optimization_v4.0.30319_64 - ok
14:21:09.0390 2776 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:21:09.0399 2776 CmBatt - ok
14:21:09.0419 2776 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:21:09.0427 2776 cmdide - ok
14:21:09.0451 2776 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
14:21:09.0470 2776 CNG - ok
14:21:09.0477 2776 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:21:09.0486 2776 Compbatt - ok
14:21:09.0494 2776 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:21:09.0506 2776 CompositeBus - ok
14:21:09.0509 2776 COMSysApp - ok
14:21:09.0608 2776 [ DFA689CFD323F38FD12F3AC22ED4C5B6 ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
14:21:09.0634 2776 CoordinatorServiceHost - ok
14:21:09.0702 2776 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:21:09.0722 2776 cphs - ok
14:21:09.0763 2776 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:21:09.0775 2776 crcdisk - ok
14:21:09.0815 2776 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:21:09.0849 2776 CryptSvc - ok
14:21:09.0875 2776 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:21:09.0899 2776 CSC - ok
14:21:09.0925 2776 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:21:09.0941 2776 CscService - ok
14:21:10.0046 2776 [ CB56D5F30199C35C37D9297B4D8CC3F7 ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
14:21:10.0058 2776 CyberLink PowerDVD 11.0 Monitor Service - ok
14:21:10.0075 2776 [ 6E65964F36E7E881A7C4533CD1F99E23 ] CyberLink PowerDVD 11.0 Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
14:21:10.0085 2776 CyberLink PowerDVD 11.0 Service - ok
14:21:10.0111 2776 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:21:10.0144 2776 DcomLaunch - ok
14:21:10.0165 2776 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:21:10.0198 2776 defragsvc - ok
14:21:10.0208 2776 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:21:10.0237 2776 DfsC - ok
14:21:10.0249 2776 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:21:10.0262 2776 Dhcp - ok
14:21:10.0282 2776 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:21:10.0311 2776 discache - ok
14:21:10.0326 2776 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:21:10.0334 2776 Disk - ok
14:21:10.0375 2776 [ 651DFF519ABF9464CEDAF8F1F0913E39 ] DlinkUDSMBus C:\Windows\syswow64\Drivers\DlinkUDSMBus.sys
14:21:10.0385 2776 DlinkUDSMBus - ok
14:21:10.0399 2776 [ CA1C992760EABB6E5F5511D88745C4A3 ] DlinkUDSTcpBus C:\Windows\syswow64\Drivers\DlinkUDSTcpBus.sys
14:21:10.0409 2776 DlinkUDSTcpBus - ok
14:21:10.0421 2776 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:21:10.0430 2776 dmvsc - ok
14:21:10.0449 2776 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:21:10.0460 2776 Dnscache - ok
14:21:10.0482 2776 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:21:10.0514 2776 dot3svc - ok
14:21:10.0525 2776 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:21:10.0555 2776 DPS - ok
14:21:10.0568 2776 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:21:10.0579 2776 drmkaud - ok
14:21:10.0617 2776 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:21:10.0629 2776 dtsoftbus01 - ok
14:21:10.0675 2776 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:21:10.0696 2776 DXGKrnl - ok
14:21:10.0722 2776 [ FE96AA1A36E76588C80DF1040286DDE1 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
14:21:10.0735 2776 eamonm - ok
14:21:10.0754 2776 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:21:10.0784 2776 EapHost - ok
14:21:10.0871 2776 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:21:10.0921 2776 ebdrv - ok
14:21:10.0942 2776 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:21:10.0954 2776 EFS - ok
14:21:10.0975 2776 [ 807BA90D47F8885C09E1D6AFBB706E18 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
14:21:10.0987 2776 ehdrv - ok
14:21:11.0031 2776 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:21:11.0055 2776 ehRecvr - ok
14:21:11.0067 2776 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:21:11.0077 2776 ehSched - ok
14:21:11.0187 2776 [ 4CB575D97653FA91FFB02DA3105EB084 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
14:21:11.0232 2776 ekrn - ok
14:21:11.0268 2776 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:21:11.0282 2776 elxstor - ok
14:21:11.0304 2776 [ 00A81DC02BA17FB4BFCFA026DC47458F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
14:21:11.0316 2776 epfw - ok
14:21:11.0336 2776 [ 3B085449438B2BCFD09CC84A0B90D1DB ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
14:21:11.0345 2776 EpfwLWF - ok
14:21:11.0364 2776 [ 91D54747A07F56ADCE1B6CFD3387AF60 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
14:21:11.0374 2776 epfwwfp - ok
14:21:11.0387 2776 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:21:11.0396 2776 ErrDev - ok
14:21:11.0420 2776 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
14:21:11.0429 2776 ETD - ok
14:21:11.0457 2776 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:21:11.0490 2776 EventSystem - ok
14:21:11.0506 2776 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:21:11.0536 2776 exfat - ok
14:21:11.0557 2776 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:21:11.0589 2776 fastfat - ok
14:21:11.0606 2776 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:21:11.0621 2776 Fax - ok
14:21:11.0636 2776 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:21:11.0646 2776 fdc - ok
14:21:11.0656 2776 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:21:11.0685 2776 fdPHost - ok
14:21:11.0689 2776 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:21:11.0718 2776 FDResPub - ok
14:21:11.0727 2776 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:21:11.0736 2776 FileInfo - ok
14:21:11.0750 2776 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:21:11.0780 2776 Filetrace - ok
14:21:11.0843 2776 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:21:11.0877 2776 FLEXnet Licensing Service - ok
14:21:11.0942 2776 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:21:11.0979 2776 FLEXnet Licensing Service 64 - ok
14:21:11.0989 2776 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:21:11.0998 2776 flpydisk - ok
14:21:12.0021 2776 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:21:12.0033 2776 FltMgr - ok
14:21:12.0056 2776 [ 7DE8A770487FC4B5E3A168AD97E1D370 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
14:21:12.0068 2776 FLxHCIc - ok
14:21:12.0083 2776 [ 2D54A3319FC955029E4B371CDC088FF4 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
14:21:12.0100 2776 FLxHCIh - ok
14:21:12.0136 2776 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
14:21:12.0169 2776 FontCache - ok
14:21:12.0227 2776 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:21:12.0249 2776 FontCache3.0.0.0 - ok
14:21:12.0263 2776 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:21:12.0282 2776 FsDepends - ok
14:21:12.0302 2776 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:21:12.0313 2776 fssfltr - ok
14:21:12.0393 2776 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:21:12.0432 2776 fsssvc - ok
14:21:12.0453 2776 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:21:12.0461 2776 Fs_Rec - ok
14:21:12.0485 2776 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:21:12.0499 2776 fvevol - ok
14:21:12.0519 2776 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:21:12.0528 2776 gagp30kx - ok
14:21:12.0543 2776 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys
14:21:12.0556 2776 gfibto - ok
14:21:12.0559 2776 gHidPnp - ok
14:21:12.0564 2776 gMouUsb - ok
14:21:12.0596 2776 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:21:12.0630 2776 gpsvc - ok
14:21:12.0678 2776 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:21:12.0686 2776 gupdate - ok
14:21:12.0691 2776 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:21:12.0699 2776 gupdatem - ok
14:21:12.0725 2776 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:21:12.0734 2776 gusvc - ok
14:21:12.0756 2776 [ F8F0851D336C3B88DBD7232B6348E09A ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:21:12.0766 2776 hamachi - ok
14:21:12.0768 2776 Hardlock - ok
14:21:12.0790 2776 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:21:12.0799 2776 hcw85cir - ok
14:21:12.0812 2776 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:21:12.0827 2776 HdAudAddService - ok
14:21:12.0839 2776 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:21:12.0852 2776 HDAudBus - ok
14:21:12.0866 2776 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:21:12.0876 2776 HidBatt - ok
14:21:12.0888 2776 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:21:12.0901 2776 HidBth - ok
14:21:12.0913 2776 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:21:12.0926 2776 HidIr - ok
14:21:12.0944 2776 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:21:12.0974 2776 hidserv - ok
14:21:13.0012 2776 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:21:13.0023 2776 HidUsb - ok
14:21:13.0035 2776 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:21:13.0064 2776 hkmsvc - ok
14:21:13.0081 2776 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:21:13.0093 2776 HomeGroupListener - ok
14:21:13.0124 2776 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:21:13.0136 2776 HomeGroupProvider - ok
14:21:13.0152 2776 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:21:13.0161 2776 HpSAMD - ok
14:21:13.0176 2776 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:21:13.0192 2776 HTCAND64 - ok
14:21:13.0241 2776 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
14:21:13.0263 2776 HTCMonitorService - ok
14:21:13.0277 2776 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
14:21:13.0291 2776 htcnprot - ok
14:21:13.0318 2776 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:21:13.0352 2776 HTTP - ok
14:21:13.0372 2776 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:21:13.0381 2776 hwpolicy - ok
14:21:13.0390 2776 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:21:13.0400 2776 i8042prt - ok
14:21:13.0434 2776 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:21:13.0449 2776 iaStor - ok
14:21:13.0481 2776 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:21:13.0494 2776 iaStorV - ok
14:21:13.0548 2776 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:21:13.0580 2776 idsvc - ok
14:21:13.0679 2776 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:21:13.0738 2776 igfx - ok
14:21:13.0780 2776 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:21:13.0806 2776 iirsp - ok
14:21:13.0894 2776 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
14:21:13.0906 2776 IJPLMSVC - ok
14:21:13.0953 2776 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:21:13.0998 2776 IKEEXT - ok
14:21:14.0077 2776 [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:21:14.0137 2776 IntcAzAudAddService - ok
14:21:14.0159 2776 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:21:14.0171 2776 IntcDAud - ok
14:21:14.0185 2776 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:21:14.0193 2776 intelide - ok
14:21:14.0213 2776 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:21:14.0224 2776 intelppm - ok
14:21:14.0246 2776 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:21:14.0276 2776 IPBusEnum - ok
14:21:14.0292 2776 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:21:14.0320 2776 IpFilterDriver - ok
14:21:14.0351 2776 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:21:14.0365 2776 iphlpsvc - ok
14:21:14.0381 2776 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:21:14.0392 2776 IPMIDRV - ok
14:21:14.0403 2776 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:21:14.0433 2776 IPNAT - ok
14:21:14.0443 2776 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:21:14.0456 2776 IRENUM - ok
14:21:14.0470 2776 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:21:14.0479 2776 isapnp - ok
14:21:14.0496 2776 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:21:14.0508 2776 iScsiPrt - ok
14:21:14.0531 2776 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:21:14.0540 2776 kbdclass - ok
14:21:14.0557 2776 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:21:14.0567 2776 kbdhid - ok
14:21:14.0588 2776 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
14:21:14.0597 2776 kbfiltr - ok
14:21:14.0607 2776 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:21:14.0616 2776 KeyIso - ok
14:21:14.0647 2776 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:21:14.0656 2776 KSecDD - ok
14:21:14.0677 2776 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:21:14.0687 2776 KSecPkg - ok
14:21:14.0708 2776 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:21:14.0737 2776 ksthunk - ok
14:21:14.0777 2776 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:21:14.0809 2776 KtmRm - ok
14:21:14.0827 2776 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
14:21:14.0836 2776 L1C - ok
14:21:14.0860 2776 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:21:14.0891 2776 LanmanServer - ok
14:21:14.0916 2776 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:21:14.0946 2776 LanmanWorkstation - ok
14:21:14.0969 2776 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:21:14.0999 2776 lltdio - ok
14:21:15.0028 2776 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:21:15.0059 2776 lltdsvc - ok
14:21:15.0070 2776 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:21:15.0101 2776 lmhosts - ok
14:21:15.0118 2776 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:21:15.0127 2776 LSI_FC - ok
14:21:15.0144 2776 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:21:15.0154 2776 LSI_SAS - ok
14:21:15.0171 2776 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:21:15.0179 2776 LSI_SAS2 - ok
14:21:15.0193 2776 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:21:15.0202 2776 LSI_SCSI - ok
14:21:15.0213 2776 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:21:15.0243 2776 luafv - ok
14:21:15.0262 2776 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
14:21:15.0273 2776 MarvinBus - ok
14:21:15.0299 2776 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:21:15.0310 2776 Mcx2Svc - ok
14:21:15.0318 2776 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:21:15.0326 2776 megasas - ok
14:21:15.0345 2776 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:21:15.0357 2776 MegaSR - ok
14:21:15.0375 2776 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:21:15.0384 2776 MEIx64 - ok
14:21:15.0473 2776 [ 867345C9FC3C937D17CB1FAF15CB540C ] mitsijm2012 C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
14:21:15.0491 2776 mitsijm2012 - ok
14:21:15.0522 2776 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:21:15.0552 2776 MMCSS - ok
14:21:15.0568 2776 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:21:15.0598 2776 Modem - ok
14:21:15.0612 2776 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:21:15.0623 2776 monitor - ok
14:21:15.0636 2776 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:21:15.0645 2776 mouclass - ok
14:21:15.0660 2776 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:21:15.0671 2776 mouhid - ok
14:21:15.0684 2776 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:21:15.0693 2776 mountmgr - ok
14:21:15.0723 2776 [ F9359ADA531A75FB98FA7A864B97D30B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:21:15.0753 2776 MozillaMaintenance - ok
14:21:15.0770 2776 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:21:15.0783 2776 mpio - ok
14:21:15.0801 2776 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:21:15.0834 2776 mpsdrv - ok
14:21:15.0867 2776 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:21:15.0904 2776 MpsSvc - ok
14:21:15.0942 2776 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:21:15.0972 2776 MRxDAV - ok
14:21:15.0999 2776 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:21:16.0017 2776 mrxsmb - ok
14:21:16.0026 2776 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:21:16.0037 2776 mrxsmb10 - ok
14:21:16.0042 2776 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:21:16.0052 2776 mrxsmb20 - ok
14:21:16.0075 2776 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:21:16.0083 2776 msahci - ok
14:21:16.0104 2776 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:21:16.0114 2776 msdsm - ok
14:21:16.0129 2776 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:21:16.0141 2776 MSDTC - ok
14:21:16.0157 2776 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:21:16.0186 2776 Msfs - ok
14:21:16.0195 2776 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:21:16.0224 2776 mshidkmdf - ok
14:21:16.0232 2776 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:21:16.0239 2776 msisadrv - ok
14:21:16.0261 2776 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:21:16.0292 2776 MSiSCSI - ok
14:21:16.0296 2776 msiserver - ok
14:21:16.0311 2776 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:21:16.0339 2776 MSKSSRV - ok
14:21:16.0353 2776 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:21:16.0381 2776 MSPCLOCK - ok
14:21:16.0393 2776 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:21:16.0422 2776 MSPQM - ok
14:21:16.0438 2776 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:21:16.0451 2776 MsRPC - ok
14:21:16.0468 2776 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:21:16.0476 2776 mssmbios - ok
14:21:16.0526 2776 MSSQL$ECSQLEXPRESS - ok
14:21:16.0564 2776 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
14:21:16.0584 2776 MSSQLServerADHelper - ok
14:21:16.0604 2776 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:21:16.0637 2776 MSTEE - ok
14:21:16.0652 2776 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:21:16.0662 2776 MTConfig - ok
14:21:16.0678 2776 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:21:16.0687 2776 Mup - ok
14:21:16.0716 2776 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:21:16.0749 2776 napagent - ok
14:21:16.0763 2776 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:21:16.0778 2776 NativeWifiP - ok
14:21:16.0809 2776 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:21:16.0828 2776 NDIS - ok
14:21:16.0844 2776 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:21:16.0873 2776 NdisCap - ok
14:21:16.0883 2776 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:21:16.0913 2776 NdisTapi - ok
14:21:16.0926 2776 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:21:16.0954 2776 Ndisuio - ok
14:21:16.0965 2776 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:21:16.0994 2776 NdisWan - ok
14:21:17.0009 2776 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:21:17.0037 2776 NDProxy - ok
14:21:17.0047 2776 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:21:17.0076 2776 NetBIOS - ok
14:21:17.0095 2776 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:21:17.0125 2776 NetBT - ok
14:21:17.0135 2776 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:21:17.0145 2776 Netlogon - ok
14:21:17.0177 2776 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:21:17.0211 2776 Netman - ok
14:21:17.0271 2776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:21:17.0282 2776 NetMsmqActivator - ok
14:21:17.0289 2776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:21:17.0300 2776 NetPipeActivator - ok
14:21:17.0309 2776 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:21:17.0342 2776 netprofm - ok
14:21:17.0347 2776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:21:17.0357 2776 NetTcpActivator - ok
14:21:17.0362 2776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:21:17.0373 2776 NetTcpPortSharing - ok
14:21:17.0392 2776 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:21:17.0401 2776 nfrd960 - ok
14:21:17.0447 2776 [ 2C3D3486627418CE512AC6185D0793CF ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
14:21:17.0456 2776 NitroDriverReadSpool8 - ok
14:21:17.0477 2776 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:21:17.0489 2776 NlaSvc - ok
14:21:17.0544 2776 [ 60EF6771E349EB9173142AB34AFC5A4C ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
14:21:17.0552 2776 nlsX86cc - ok
14:21:17.0565 2776 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
14:21:17.0586 2776 nmwcd - ok
14:21:17.0610 2776 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
14:21:17.0630 2776 nmwcdc - ok
14:21:17.0643 2776 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:21:17.0672 2776 Npfs - ok
14:21:17.0703 2776 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:21:17.0758 2776 nsi - ok
14:21:17.0779 2776 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:21:17.0809 2776 nsiproxy - ok
14:21:17.0847 2776 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:21:17.0876 2776 Ntfs - ok
14:21:17.0947 2776 [ 7420B2E1F65642129B6E23BD42F752AA ] ntk_PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
14:21:17.0976 2776 ntk_PowerDVD - ok
14:21:17.0991 2776 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:21:18.0031 2776 Null - ok
14:21:18.0240 2776 [ EE6B7B6A54BCAFF516E30B1C15467495 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:21:18.0390 2776 nvlddmkm - ok
14:21:18.0415 2776 [ 4086D655D237E091ECC34BEC94E55C3E ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
14:21:18.0425 2776 nvpciflt - ok
14:21:18.0441 2776 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:21:18.0451 2776 nvraid - ok
14:21:18.0473 2776 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:21:18.0484 2776 nvstor - ok
14:21:18.0518 2776 [ 25626309AD2F81D47C829CCB5E46E478 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:21:18.0539 2776 nvsvc - ok
14:21:18.0636 2776 [ 7BAB808957880CF38EFC6816FEF7276E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:21:18.0680 2776 nvUpdatusService - ok
14:21:18.0702 2776 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:21:18.0712 2776 nv_agp - ok
14:21:18.0725 2776 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:21:18.0736 2776 ohci1394 - ok
14:21:18.0763 2776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:21:18.0776 2776 p2pimsvc - ok
14:21:18.0795 2776 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:21:18.0809 2776 p2psvc - ok
14:21:18.0823 2776 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:21:18.0834 2776 Parport - ok
14:21:18.0856 2776 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:21:18.0865 2776 partmgr - ok
14:21:18.0904 2776 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
14:21:18.0909 2776 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
14:21:18.0909 2776 PassThru Service - detected UnsignedFile.Multi.Generic (1)
14:21:18.0936 2776 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:21:18.0951 2776 PcaSvc - ok
14:21:18.0967 2776 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:21:18.0976 2776 pccsmcfd - ok
14:21:19.0002 2776 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:21:19.0013 2776 pci - ok
14:21:19.0029 2776 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:21:19.0036 2776 pciide - ok
14:21:19.0055 2776 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:21:19.0066 2776 pcmcia - ok
14:21:19.0081 2776 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:21:19.0090 2776 pcw - ok
14:21:19.0112 2776 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:21:19.0147 2776 PEAUTH - ok
14:21:19.0188 2776 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:21:19.0211 2776 PeerDistSvc - ok
14:21:19.0235 2776 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:21:19.0246 2776 PerfHost - ok
14:21:19.0283 2776 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:21:19.0323 2776 pla - ok
14:21:19.0351 2776 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:21:19.0365 2776 PlugPlay - ok
14:21:19.0369 2776 PnkBstrA - ok
14:21:19.0377 2776 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:21:19.0386 2776 PNRPAutoReg - ok
14:21:19.0405 2776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:21:19.0418 2776 PNRPsvc - ok
14:21:19.0442 2776 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:21:19.0474 2776 PolicyAgent - ok
14:21:19.0495 2776 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:21:19.0528 2776 Power - ok
14:21:19.0551 2776 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:21:19.0580 2776 PptpMiniport - ok
14:21:19.0605 2776 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:21:19.0615 2776 Processor - ok
14:21:19.0644 2776 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:21:19.0656 2776 ProfSvc - ok
14:21:19.0680 2776 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:21:19.0690 2776 ProtectedStorage - ok
14:21:19.0702 2776 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:21:19.0731 2776 Psched - ok
14:21:19.0789 2776 [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:21:19.0814 2776 PxHlpa64 - ok
14:21:19.0861 2776 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:21:19.0905 2776 ql2300 - ok
14:21:19.0911 2776 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:21:19.0920 2776 ql40xx - ok
14:21:19.0943 2776 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:21:19.0959 2776 QWAVE - ok
14:21:19.0971 2776 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:21:19.0985 2776 QWAVEdrv - ok
14:21:19.0998 2776 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:21:20.0027 2776 RasAcd - ok
14:21:20.0048 2776 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:21:20.0078 2776 RasAgileVpn - ok
14:21:20.0088 2776 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:21:20.0120 2776 RasAuto - ok
14:21:20.0133 2776 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:21:20.0161 2776 Rasl2tp - ok
14:21:20.0179 2776 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:21:20.0210 2776 RasMan - ok
14:21:20.0224 2776 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:21:20.0253 2776 RasPppoe - ok
14:21:20.0268 2776 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:21:20.0298 2776 RasSstp - ok
14:21:20.0317 2776 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:21:20.0347 2776 rdbss - ok
14:21:20.0371 2776 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:21:20.0383 2776 rdpbus - ok
14:21:20.0391 2776 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:21:20.0422 2776 RDPCDD - ok
14:21:20.0442 2776 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:21:20.0452 2776 RDPDR - ok
14:21:20.0467 2776 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:21:20.0496 2776 RDPENCDD - ok
14:21:20.0512 2776 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:21:20.0541 2776 RDPREFMP - ok
14:21:20.0566 2776 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:21:20.0575 2776 RdpVideoMiniport - ok
14:21:20.0596 2776 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:21:20.0607 2776 RDPWD - ok
14:21:20.0627 2776 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:21:20.0637 2776 rdyboost - ok
14:21:20.0720 2776 [ A72DA88FE7AD7A9483015787FEC8B6BA ] Remote Solver for Flow Simulation 2012 C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
14:21:20.0738 2776 Remote Solver for Flow Simulation 2012 ( UnsignedFile.Multi.Generic ) - warning
14:21:20.0738 2776 Remote Solver for Flow Simulation 2012 - detected UnsignedFile.Multi.Generic (1)
14:21:20.0777 2776 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:21:20.0835 2776 RemoteAccess - ok
14:21:20.0857 2776 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:21:20.0888 2776 RemoteRegistry - ok
14:21:20.0912 2776 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:21:20.0925 2776 RFCOMM - ok
14:21:20.0968 2776 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
14:21:20.0977 2776 RichVideo - ok
14:21:20.0995 2776 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:21:21.0025 2776 RpcEptMapper - ok
14:21:21.0040 2776 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:21:21.0052 2776 RpcLocator - ok
14:21:21.0072 2776 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:21:21.0105 2776 RpcSs - ok
14:21:21.0123 2776 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:21:21.0152 2776 rspndr - ok
14:21:21.0169 2776 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:21:21.0178 2776 s3cap - ok
14:21:21.0187 2776 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:21:21.0196 2776 SamSs - ok
14:21:21.0218 2776 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:21:21.0227 2776 sbp2port - ok
14:21:21.0248 2776 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:21:21.0280 2776 SCardSvr - ok
14:21:21.0293 2776 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:21:21.0321 2776 scfilter - ok
14:21:21.0345 2776 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:21:21.0383 2776 Schedule - ok
14:21:21.0408 2776 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:21:21.0436 2776 SCPolicySvc - ok
14:21:21.0449 2776 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:21:21.0461 2776 SDRSVC - ok
14:21:21.0477 2776 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:21:21.0506 2776 secdrv - ok
14:21:21.0521 2776 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:21:21.0551 2776 seclogon - ok
14:21:21.0604 2776 [ CFB11072D2F15D3C8DC497544DDF950B ] SENADB C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe
14:21:21.0629 2776 SENADB - ok
14:21:21.0646 2776 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:21:21.0681 2776 SENS - ok
14:21:21.0703 2776 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:21:21.0713 2776 SensrSvc - ok
14:21:21.0717 2776 Sentinel - ok
14:21:21.0740 2776 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:21:21.0749 2776 Serenum - ok
14:21:21.0755 2776 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:21:21.0764 2776 Serial - ok
14:21:21.0770 2776 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:21:21.0780 2776 sermouse - ok
14:21:21.0830 2776 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
14:21:21.0852 2776 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
14:21:21.0852 2776 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
14:21:21.0909 2776 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:21:21.0976 2776 SessionEnv - ok
14:21:21.0981 2776 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:21:21.0993 2776 sffdisk - ok
14:21:21.0997 2776 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:21:22.0009 2776 sffp_mmc - ok
14:21:22.0014 2776 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:21:22.0025 2776 sffp_sd - ok
14:21:22.0029 2776 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:21:22.0039 2776 sfloppy - ok
14:21:22.0067 2776 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:21:22.0099 2776 SharedAccess - ok
14:21:22.0113 2776 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:21:22.0144 2776 ShellHWDetection - ok
14:21:22.0149 2776 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
14:21:22.0160 2776 SiSGbeLH - ok
14:21:22.0164 2776 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:21:22.0173 2776 SiSRaid2 - ok
14:21:22.0178 2776 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:21:22.0188 2776 SiSRaid4 - ok
14:21:22.0250 2776 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:21:22.0283 2776 SkypeUpdate - ok
14:21:22.0296 2776 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:21:22.0333 2776 Smb - ok
14:21:22.0354 2776 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:21:22.0365 2776 SNMPTRAP - ok
14:21:22.0426 2776 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
14:21:22.0437 2776 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:21:22.0437 2776 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:21:22.0464 2776 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:21:22.0481 2776 spldr - ok
14:21:22.0522 2776 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:21:22.0551 2776 Spooler - ok
14:21:22.0634 2776 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:21:22.0699 2776 sppsvc - ok
14:21:22.0715 2776 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:21:22.0747 2776 sppuinotify - ok
14:21:22.0771 2776 [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd C:\Windows\System32\Drivers\sptd.sys
14:21:22.0823 2776 sptd - ok
14:21:22.0880 2776 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:21:22.0902 2776 SQLBrowser - ok
14:21:22.0941 2776 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:21:22.0954 2776 SQLWriter - ok
14:21:22.0983 2776 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:21:23.0003 2776 srv - ok
14:21:23.0016 2776 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:21:23.0029 2776 srv2 - ok
14:21:23.0046 2776 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:21:23.0057 2776 srvnet - ok
14:21:23.0091 2776 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:21:23.0122 2776 SSDPSRV - ok
14:21:23.0135 2776 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:21:23.0166 2776 SstpSvc - ok
14:21:23.0176 2776 Steam Client Service - ok
14:21:23.0270 2776 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:21:23.0302 2776 Stereo Service - ok
14:21:23.0325 2776 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:21:23.0339 2776 stexstor - ok
14:21:23.0369 2776 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:21:23.0390 2776 stisvc - ok
14:21:23.0410 2776 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:21:23.0418 2776 storflt - ok
14:21:23.0450 2776 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:21:23.0461 2776 StorSvc - ok
14:21:23.0475 2776 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:21:23.0483 2776 storvsc - ok
14:21:23.0502 2776 [ 6F715D00024CB60C2B60278425AD6EC2 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
14:21:23.0512 2776 SWDUMon - ok
14:21:23.0522 2776 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:21:23.0530 2776 swenum - ok
14:21:23.0548 2776 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:21:23.0584 2776 swprv - ok
14:21:23.0616 2776 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:21:23.0646 2776 SysMain - ok
14:21:23.0661 2776 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:21:23.0676 2776 TabletInputService - ok
14:21:23.0691 2776 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
14:21:23.0701 2776 taphss - ok
14:21:23.0715 2776 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:21:23.0747 2776 TapiSrv - ok
14:21:23.0764 2776 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:21:23.0794 2776 TBS - ok
14:21:23.0851 2776 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:21:23.0884 2776 Tcpip - ok
14:21:23.0918 2776 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:21:23.0949 2776 TCPIP6 - ok
14:21:23.0981 2776 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:21:23.0990 2776 tcpipreg - ok
14:21:24.0026 2776 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:21:24.0035 2776 TDPIPE - ok
14:21:24.0058 2776 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:21:24.0067 2776 TDTCP - ok
14:21:24.0079 2776 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:21:24.0108 2776 tdx - ok
14:21:24.0122 2776 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:21:24.0131 2776 TermDD - ok
14:21:24.0160 2776 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:21:24.0196 2776 TermService - ok
14:21:24.0211 2776 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:21:24.0225 2776 Themes - ok
14:21:24.0251 2776 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:21:24.0280 2776 THREADORDER - ok
14:21:24.0294 2776 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:21:24.0324 2776 TrkWks - ok
14:21:24.0368 2776 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:21:24.0424 2776 TrustedInstaller - ok
14:21:24.0460 2776 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:21:24.0469 2776 tssecsrv - ok
14:21:24.0497 2776 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:21:24.0507 2776 TsUsbFlt - ok
14:21:24.0538 2776 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:21:24.0555 2776 TsUsbGD - ok
14:21:24.0659 2776 [ CFA80E9C4D744C8BC3C403D49E5DAC11 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
14:21:24.0694 2776 TuneUp.UtilitiesSvc - ok
14:21:24.0738 2776 [ 45427C4B8CAC6B241478F149B935CD80 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
14:21:24.0749 2776 TuneUpUtilitiesDrv - ok
14:21:24.0769 2776 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:21:24.0799 2776 tunnel - ok
14:21:24.0817 2776 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
14:21:24.0826 2776 TurboB - ok
14:21:24.0853 2776 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
14:21:24.0860 2776 TurboBoost - ok
14:21:24.0873 2776 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:21:24.0882 2776 uagp35 - ok
14:21:24.0898 2776 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:21:24.0929 2776 udfs - ok
14:21:24.0954 2776 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:21:24.0965 2776 UI0Detect - ok
14:21:24.0975 2776 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:21:24.0985 2776 uliagpkx - ok
14:21:24.0990 2776 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:21:25.0000 2776 umbus - ok
14:21:25.0014 2776 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:21:25.0023 2776 UmPass - ok
14:21:25.0043 2776 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:21:25.0055 2776 UmRdpService - ok
14:21:25.0073 2776 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:21:25.0105 2776 upnphost - ok
14:21:25.0131 2776 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:21:25.0154 2776 upperdev - ok
14:21:25.0189 2776 [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:21:25.0199 2776 usbccgp - ok
14:21:25.0231 2776 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:21:25.0257 2776 usbcir - ok
14:21:25.0277 2776 [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:21:25.0289 2776 usbehci - ok
14:21:25.0312 2776 [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:21:25.0327 2776 usbhub - ok
14:21:25.0362 2776 [ 9406D801042FAF859CF81B2C886413DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:21:25.0374 2776 usbohci - ok
14:21:25.0401 2776 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:21:25.0416 2776 usbprint - ok
14:21:25.0440 2776 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:21:25.0455 2776 usbscan - ok
14:21:25.0486 2776 [ B57B4F0BEC4270A281B9F8537EB2FA04 ] usbser C:\Windows\system32\drivers\usbser.sys
14:21:25.0497 2776 usbser - ok
14:21:25.0522 2776 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:21:25.0549 2776 UsbserFilt - ok
14:21:25.0569 2776 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:21:25.0578 2776 USBSTOR - ok
14:21:25.0592 2776 [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:21:25.0601 2776 usbuhci - ok
14:21:25.0614 2776 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:21:25.0624 2776 usbvideo - ok
14:21:25.0640 2776 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
14:21:25.0650 2776 usb_rndisx - ok
14:21:25.0673 2776 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:21:25.0704 2776 UxSms - ok
14:21:25.0749 2776 [ 578860D0830386F112989B53A0C2E891 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
14:21:25.0774 2776 UxTuneUp - ok
14:21:25.0790 2776 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:21:25.0805 2776 VaultSvc - ok
14:21:25.0826 2776 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:21:25.0835 2776 vdrvroot - ok
14:21:25.0853 2776 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:21:25.0887 2776 vds - ok
14:21:25.0912 2776 [ 00CAFFC109C09D6F26425F5E0838495B ] VD_FileDisk C:\Windows\system32\drivers\VD_FileDisk.sys
14:21:25.0920 2776 VD_FileDisk - ok
14:21:25.0934 2776 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:21:25.0946 2776 vga - ok
14:21:25.0951 2776 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:21:25.0980 2776 VgaSave - ok
14:21:26.0000 2776 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:21:26.0011 2776 vhdmp - ok
14:21:26.0032 2776 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:21:26.0040 2776 viaide - ok
14:21:26.0072 2776 [ C37CE43FB54066FFB540729C6E6E194E ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
14:21:26.0090 2776 VideAceWindowsService - ok
14:21:26.0120 2776 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:21:26.0136 2776 vmbus - ok
14:21:26.0153 2776 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:21:26.0168 2776 VMBusHID - ok
14:21:26.0187 2776 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:21:26.0201 2776 volmgr - ok
14:21:26.0225 2776 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:21:26.0243 2776 volmgrx - ok
14:21:26.0254 2776 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:21:26.0267 2776 volsnap - ok
14:21:26.0285 2776 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:21:26.0295 2776 vsmraid - ok
14:21:26.0337 2776 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:21:26.0380 2776 VSS - ok
14:21:26.0394 2776 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:21:26.0405 2776 vwifibus - ok
14:21:26.0420 2776 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:21:26.0433 2776 vwififlt - ok
14:21:26.0452 2776 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:21:26.0484 2776 W32Time - ok
14:21:26.0498 2776 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:21:26.0507 2776 WacomPen - ok
14:21:26.0519 2776 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:21:26.0548 2776 WANARP - ok
14:21:26.0560 2776 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:21:26.0590 2776 Wanarpv6 - ok
14:21:26.0630 2776 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:21:26.0653 2776 WatAdminSvc - ok
14:21:26.0694 2776 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:21:26.0717 2776 wbengine - ok
14:21:26.0740 2776 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:21:26.0757 2776 WbioSrvc - ok
14:21:26.0773 2776 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:21:26.0792 2776 wcncsvc - ok
14:21:26.0808 2776 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:21:26.0819 2776 WcsPlugInService - ok
14:21:26.0843 2776 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:21:26.0851 2776 Wd - ok
14:21:26.0874 2776 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:21:26.0883 2776 WDC_SAM - ok
14:21:26.0911 2776 [ FA24FBE15A8036387ECC013D06094F3D ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:21:26.0915 2776 WDDMService ( UnsignedFile.Multi.Generic ) - warning
14:21:26.0915 2776 WDDMService - detected UnsignedFile.Multi.Generic (1)
14:21:26.0960 2776 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:21:26.0979 2776 Wdf01000 - ok
14:21:26.0998 2776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:21:27.0014 2776 WdiServiceHost - ok
14:21:27.0029 2776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:21:27.0045 2776 WdiSystemHost - ok
14:21:27.0069 2776 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
14:21:27.0072 2776 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning
14:21:27.0072 2776 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)
14:21:27.0112 2776 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
14:21:27.0125 2776 WebClient - ok
14:21:27.0145 2776 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:21:27.0158 2776 Wecsvc - ok
14:21:27.0167 2776 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:21:27.0198 2776 wercplsupport - ok
14:21:27.0211 2776 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:21:27.0241 2776 WerSvc - ok
14:21:27.0263 2776 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:21:27.0291 2776 WfpLwf - ok
14:21:27.0317 2776 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:21:27.0328 2776 WimFltr - ok
14:21:27.0341 2776 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:21:27.0349 2776 WIMMount - ok
14:21:27.0372 2776 WinDefend - ok
14:21:27.0383 2776 WinHttpAutoProxySvc - ok
14:21:27.0424 2776 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:21:27.0457 2776 Winmgmt - ok
14:21:27.0529 2776 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
14:21:27.0570 2776 WinRM - ok
14:21:27.0636 2776 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:21:27.0649 2776 WinUsb - ok
14:21:27.0675 2776 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:21:27.0697 2776 Wlansvc - ok
14:21:27.0737 2776 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe
14:21:27.0745 2776 wlcrasvc - ok
14:21:27.0839 2776 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:21:27.0884 2776 wlidsvc - ok
14:21:27.0933 2776 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:21:27.0943 2776 WmiAcpi - ok
14:21:27.0970 2776 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:21:27.0981 2776 wmiApSrv - ok
14:21:27.0997 2776 WMPNetworkSvc - ok
14:21:28.0023 2776 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:21:28.0036 2776 WPCSvc - ok
14:21:28.0050 2776 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:21:28.0063 2776 WPDBusEnum - ok
14:21:28.0088 2776 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:21:28.0118 2776 ws2ifsl - ok
14:21:28.0131 2776 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:21:28.0147 2776 wscsvc - ok
14:21:28.0152 2776 WSearch - ok
14:21:28.0208 2776 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:21:28.0247 2776 wuauserv - ok
14:21:28.0286 2776 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:21:28.0296 2776 WudfPf - ok
14:21:28.0314 2776 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:21:28.0324 2776 WUDFRd - ok
14:21:28.0349 2776 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:21:28.0360 2776 wudfsvc - ok
14:21:28.0391 2776 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:21:28.0403 2776 WwanSvc - ok
14:21:28.0477 2776 [ 1870A74EE2901CA09FFBFE79A5EE0E94 ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
14:21:28.0506 2776 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
14:21:28.0529 2776 ================ Scan global ===============================
14:21:28.0606 2776 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:21:28.0634 2776 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
14:21:28.0650 2776 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
14:21:28.0678 2776 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:21:28.0703 2776 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:21:28.0711 2776 [Global] - ok
14:21:28.0712 2776 ================ Scan MBR ==================================
14:21:28.0722 2776 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:21:29.0055 2776 \Device\Harddisk0\DR0 - ok
14:21:29.0100 2776 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
14:21:29.0205 2776 \Device\Harddisk1\DR1 - ok
14:21:29.0206 2776 ================ Scan VBR ==================================
14:21:29.0211 2776 [ 77C7057CB54D33BF1F193DC576265EB5 ] \Device\Harddisk0\DR0\Partition1
14:21:29.0214 2776 \Device\Harddisk0\DR0\Partition1 - ok
14:21:29.0242 2776 [ D37D27B4E186FC0411A2524224440910 ] \Device\Harddisk0\DR0\Partition2
14:21:29.0245 2776 \Device\Harddisk0\DR0\Partition2 - ok
14:21:29.0249 2776 [ 7EEB95B4DA1CF172B37807B59609AE25 ] \Device\Harddisk1\DR1\Partition1
14:21:29.0251 2776 \Device\Harddisk1\DR1\Partition1 - ok
14:21:29.0252 2776 ============================================================
14:21:29.0252 2776 Scan finished
14:21:29.0252 2776 ============================================================
14:21:29.0264 3008 Detected object count: 8
14:21:29.0264 3008 Actual detected object count: 8
14:21:50.0003 3008 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0004 3008 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0006 3008 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0006 3008 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0008 3008 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0008 3008 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0011 3008 Remote Solver for Flow Simulation 2012 ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0011 3008 Remote Solver for Flow Simulation 2012 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0013 3008 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0013 3008 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0016 3008 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0016 3008 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0019 3008 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0019 3008 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:21:50.0022 3008 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user
14:21:50.0022 3008 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip

#4 Příspěvek od **vyosek** » 06 lis 2013 14:26

Tady to vypada ciste, mrkneme dale

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

feraf · #5 Příspěvek od **feraf** » 06 lis 2013 15:43

Nic mi to nenašlo. ještě jsem ten soubor našel přez průzkumník a spustil kontrolu toho souboru a nic to nenašlo, ale když dám kontrolovat paměť a boot sektor tak to ukáže ten troják.
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.11.06.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Admin :: FERAF-NB [administrator]

6.11.2013 15:15:54
mbar-log-2013-11-06 (15-15-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 367672
Time elapsed: 21 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#6 Příspěvek od **vyosek** » 06 lis 2013 18:32

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

Ulozte nejlepe na plochu
Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Report
Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

feraf · #7 Příspěvek od **feraf** » 06 lis 2013 18:35

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/11/06 (ISO 8601) at 18:35:14
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST975042 0AS (0002)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR1 __ST975042 0AS (0002)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	698.6 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 36D5F8CF60B4E9F7529D3F2FDF4791B3
MBR_SHA1  : D3CE60494B539AA11A501EC202319FB721F2EECE

Device\Harddisk0\Partition1	25.00 Go  	0x1C Hidden FAT32 [LBA] 
Device\Harddisk0\Partition2	305.7 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	368.0 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR1	698.6 Go  [Fixed] ==> Unknown MBR Code .

MBR_MD5   : A691665FF50E0611D7433373D650EE98
MBR_SHA1  : C270FDCEA703BD0F5B7D9CFF76A7667089784C1C

Device\Harddisk1\Partition1	698.6 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x03407000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00B9C000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CA3000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D06000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00E68000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00F28000
SIZE    : 776.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00FEA000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\Drivers\sptd.sys => Invisible on the disk
ADDRESS : 0x0107A000
SIZE    : 1.45 Mo

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x01057000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x01060000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x0106A000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\gfibto.sys => Invisible on the disk
ADDRESS : 0x011EE000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00E33000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\compbatt.sys => Invisible on the disk
ADDRESS : 0x011F5000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00E48000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00D64000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00D79000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00E54000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00DD5000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00DE5000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\iaStor.sys => Invisible on the disk
ADDRESS : 0x01293000
SIZE    : 1.33 Mo

DRIVER  : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x013E7000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\drivers\msahci.sys => Invisible on the disk
ADDRESS : 0x0122A000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01235000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x01240000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x013F0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x0141B000
SIZE    : 1.63 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x00C14000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x015BD000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01668000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x016DA000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x016EB000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x016F5000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x00C72000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 2.00 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01A36000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\epfwwfp.sys => Invisible on the disk
ADDRESS : 0x01A7F000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01A94000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01AA4000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01AF0000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01AF8000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nvpciflt.sys => Invisible on the disk
ADDRESS : 0x01B32000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01B3C000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01B4E000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01B57000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01B91000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01BA7000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aoar7e3c.SYS => Invisible on the disk
ADDRESS : 0x044CF000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\System32\Drivers\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x04520000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x0454F000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\eamonm.sys => Invisible on the disk
ADDRESS : 0x04400000
SIZE    : 824.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x04579000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x04582000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ehdrv.sys => Invisible on the disk
ADDRESS : 0x04589000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x045B6000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x045C4000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x045E9000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x043B1000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x043BA000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x043C3000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x043CC000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x043D7000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x04200000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x04222000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x04647000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x046D0000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x04715000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x04720000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x04729000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x0474F000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\EpfwLWF.sys => Invisible on the disk
ADDRESS : 0x04765000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x04773000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x04782000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\VD_FileDisk.SYS => Invisible on the disk
ADDRESS : 0x0479D000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x047A7000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04ABD000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x04B0E000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x04B1A000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x04B25000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x04B34000
SIZE    : 524.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x04BB7000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x04BD5000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x058C2000
SIZE    : 10.89 Mo

DRIVER  : C:\Windows\System32\Drivers\nvBridge.kmd => Invisible on the disk
ADDRESS : 0x063A7000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x05070000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x05164000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
ADDRESS : 0x06BB5000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x06BC6000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x06600000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x06656000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\athrx.sys => Invisible on the disk
ADDRESS : 0x05224000
SIZE    : 2.65 Mo

DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x054CA000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\FLxHCIc.sys => Invisible on the disk
ADDRESS : 0x054D7000
SIZE    : 200.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x0551E000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ETD.sys => Invisible on the disk
ADDRESS : 0x0553C000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x05561000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbfiltr.sys => Invisible on the disk
ADDRESS : 0x05570000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x05578000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x05587000
SIZE    : 20.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x0558C000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x05595000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x055AB000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x055D3000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x05200000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x055E9000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x051AA000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x0667A000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x06BD7000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x051D9000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x055F5000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x06BF8000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\btath_bus.sys => Invisible on the disk
ADDRESS : 0x05043000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\MarvinBus64.sys => Invisible on the disk
ADDRESS : 0x063A9000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\dtsoftbus01.sys => Invisible on the disk
ADDRESS : 0x05800000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x0504E000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x05849000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x058A3000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x09E0E000
SIZE    : 3.87 Mo

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x04A26000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x04A63000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x0A1ED000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\FLxHCIh.sys => Invisible on the disk
ADDRESS : 0x09AC6000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\udfs.sys => Invisible on the disk
ADDRESS : 0x09ADB000
SIZE    : 340.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000C0000
SIZE    : 3.09 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x09B30000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\USBD.SYS => Invisible on the disk
ADDRESS : 0x09B9B000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x09B9D000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
ADDRESS : 0x0260A000
SIZE    : 1.33 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x0275E000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x02771000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x0277F000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x02798000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x027A1000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x027AE000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x027CB000
SIZE    : 184.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rfcomm.sys => Invisible on the disk
ADDRESS : 0x09BAB000
SIZE    : 176.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00450000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x04A85000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\epfw.sys => Invisible on the disk
ADDRESS : 0x047BB000
SIZE    : 228.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x04AA8000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x098FC000
SIZE    : 332.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x0994F000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x09962000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TurboB.sys => Invisible on the disk
ADDRESS : 0x0997A000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x09800000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x098C9000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x09989000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x099A1000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x0A85F000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x0A8AD000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0A8F4000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0A99A000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0A9A5000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0A9D6000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x1F2AA000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x1F313000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\System32\drivers\ipnat.sys => Invisible on the disk
ADDRESS : 0x1F3AB000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x1F200000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\rasacd.sys => Invisible on the disk
ADDRESS : 0x1F3E2000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x1F3EB000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x1F282000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x06695000
SIZE    : 5.11 Mo

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00620000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x1F236000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
ADDRESS : 0x09A6C000
SIZE    : 352.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\L1C62x64.sys => Invisible on the disk
ADDRESS : 0x1F25B000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47970000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A A7 F6 C6 F3 00 00 00 20   em...c{.§öÆó... 
0x000001C0   21 00 1C FE FF FF 00 08 00 00 00 00 20 03 80 FE   !..þ........ ..þ
0x000001D0   FF FF 07 FE FF FF 00 08 20 03 00 70 35 26 00 FE   ...þ.... ..p5&.þ
0x000001E0   FF FF 0F FE FF FF 00 78 55 29 00 E8 FE 2D 00 00   ...þ...xU).èþ-..
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR1  

0x00000000   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000020   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000C0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 6E 64 EF AC 00 00 00 20   ........ndï¬... 
0x000001C0   21 00 07 FE FF FF 00 08 00 00 00 50 54 57 00 00   !..þ.......PTW..
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

#8 Příspěvek od **vyosek** » 06 lis 2013 18:38

Nejak tusim chybu detekce ESETu

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

feraf · #9 Příspěvek od **feraf** » 06 lis 2013 18:54

tady je ten první log:
Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/06/2013 06:51:01 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 3988) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

20 out of 15300 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 11/06/2013 06:52:51 PM
Execution time: 0 hours(s), 1 minute(s), and 49 seconds(s)

#10 Příspěvek od **vyosek** » 06 lis 2013 19:11

Pokracujte ComboFixem

feraf · #11 Příspěvek od **feraf** » 06 lis 2013 19:42

ComboFix 13-11-04.01 - Admin 06.11.2013 19:03:58.3.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8103.4994 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\delete.bat
c:\windows\SysWow64\SET5E56.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-06 do 2013-11-06 )))))))))))))))))))))))))))))))
.
.
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\sov2\AppData\Local\temp
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-06 18:25 . 2013-11-06 18:25 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-11-06 16:55 . 2013-11-06 16:55 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2013-11-06 16:54 . 2000-01-01 00:00 104048 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2013-11-06 16:53 . 2013-11-06 17:03 -------- d-----w- c:\windows\LastGood
2013-11-06 16:51 . 2000-01-01 00:00 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2013-11-06 16:45 . 2013-11-06 16:45 -------- d-----w- c:\program files (x86)\SlimDrivers
2013-11-06 14:15 . 2013-11-06 14:15 -------- d-----w- c:\programdata\Malwarebytes
2013-11-06 14:15 . 2013-11-06 14:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-06 14:15 . 2013-11-06 14:15 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-06 13:37 . 2013-11-06 14:05 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-06 12:57 . 2013-11-06 12:57 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-11-06 12:52 . 2013-11-06 12:52 -------- d-----w- C:\rsit
2013-11-06 10:16 . 2013-11-06 10:16 -------- d-----w- c:\program files (x86)\ESET
2013-11-06 09:56 . 2013-11-06 09:56 -------- d-----w- c:\users\Admin\TUFRI
2013-11-06 09:55 . 2013-11-06 14:01 -------- d--h--w- c:\users\Admin\VVETC
2013-11-05 08:45 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48AF9A46-55C7-4334-9090-F6D33EC27554}\mpengine.dll
2013-11-04 21:55 . 2013-11-04 21:56 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-11-04 21:42 . 2013-11-04 21:42 -------- d-----w- c:\program files\Adobe
2013-11-04 21:42 . 2013-11-04 21:44 -------- d-----w- c:\program files\Common Files\Adobe
2013-11-04 21:41 . 2013-11-04 21:41 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2013-11-04 21:41 . 2013-11-04 21:41 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2013-11-04 21:41 . 2012-06-22 02:01 56336 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2013-11-04 21:41 . 2012-04-24 02:01 11376 ------w- c:\windows\system32\drivers\cdralw2k.sys
2013-11-04 21:41 . 2012-04-24 02:01 10864 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2013-11-04 21:41 . 2013-11-04 21:41 -------- d-----w- c:\program files (x86)\My Company Name
2013-11-04 21:11 . 2013-11-04 21:11 -------- d-----w- c:\program files (x86)\Lame For Audacity
2013-11-04 20:59 . 2013-11-04 21:23 -------- d-----w- c:\users\Admin\AppData\Roaming\Audacity
2013-11-02 20:45 . 2013-11-02 20:45 -------- d-----w- c:\programdata\regid.1995-09.com.example
2013-11-02 20:45 . 2013-11-02 20:45 -------- d-----w- c:\program files (x86)\TV Online
2013-10-31 09:17 . 2013-10-31 09:18 -------- d-----w- c:\program files (x86)\MKVToolNix
2013-10-31 09:01 . 2013-10-31 09:01 -------- d-----w- c:\users\Admin\AppData\Roaming\Media Player Classic
2013-10-25 10:55 . 2013-10-25 10:55 -------- d-----w- c:\program files (x86)\EPSON_P2B
2013-10-25 10:55 . 2013-10-25 10:55 -------- d-----w- c:\users\Public\Epson
2013-10-25 10:55 . 2012-07-09 13:24 21504 ----a-w- c:\windows\system32\seapn1mLM.DLL
2013-10-25 10:55 . 2012-06-21 14:06 21504 ----a-w- c:\windows\system32\sea6n1mlm.dll
2013-10-21 15:21 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-18 13:27 . 2013-10-18 13:27 -------- d-----w- c:\programdata\CanonIJ
2013-10-14 16:38 . 2013-10-30 12:46 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-10-09 08:17 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 08:16 . 2013-08-29 02:17 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-10-09 08:15 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 08:15 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 08:15 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 08:15 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 08:15 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 08:15 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 08:15 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-02 06:22 . 2011-08-14 01:40 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-10-09 08:23 . 2011-12-07 18:14 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 20:39 . 2012-12-15 07:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 20:39 . 2012-12-15 07:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-16 15:15 . 2013-09-16 15:15 62136 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2013-09-16 15:15 . 2013-09-16 15:15 44120 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2013-09-16 15:15 . 2013-09-16 15:15 239320 ----a-w- c:\windows\system32\drivers\eamonm.sys
2013-09-16 15:15 . 2013-09-16 15:15 239296 ----a-w- c:\windows\system32\drivers\edevmon.sys
2013-09-16 15:15 . 2013-09-16 15:15 220232 ----a-w- c:\windows\system32\drivers\epfw.sys
2013-09-16 15:15 . 2013-09-16 15:15 168256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2013-09-09 08:36 . 2013-09-20 12:44 40248 ----a-w- c:\windows\system32\TURegOpt.exe
2013-09-09 08:35 . 2013-09-20 12:47 42808 ----a-w- c:\windows\system32\uxtuneup.dll
2013-09-09 08:35 . 2013-09-20 12:47 35640 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2013-09-09 08:35 . 2013-02-21 06:39 29496 ----a-w- c:\windows\system32\authuitu.dll
2013-09-09 08:35 . 2013-02-21 06:39 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-09-03 12:35 . 2011-12-07 22:32 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 08:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Clipboard Recorder"="c:\program files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe" [2007-07-09 1843200]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-05-02 802136]
"Thunderbird"="c:\program files (x86)\Mozilla Thunderbird\thunderbird.exe" [2013-10-30 390256]
"Svátky a výročí"="c:\program files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe" [2006-04-28 1019904]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-04-29 3093624]
"WeatherWatcherLive"="c:\program files (x86)\Weather Watcher Live\ww.exe" [2013-06-05 1968296]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 89600]
"NERO"="c:\users\Admin\VVETC\PJMOCCCWLE-XUEWZ-FRDXYTBRCM.vbe" [2013-10-14 1713162]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-08-24 230696]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-03-31 2018032]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"LauncherM200DN"="c:\program files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe" [2012-09-13 2587056]
"M200DN RUN"="c:\program files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmRun.exe" [2012-09-13 362928]
"StatusAutoRunM200DN"="c:\program files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmpl.exe" [2012-09-13 4277680]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-10-17 2237328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-3-31 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2011-8-14 12862]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2111296]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe View=show_in_tray [2009-10-14 9085760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"D-Link SharePort"=c:\program files (x86)\D-Link\SharePort\SharePort.exe -mini
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"CanonSolutionMenuEx"=c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 DlinkUDSTcpBus;DlinkUDSTcpBus;SysWOW64\Drivers\DlinkUDSTcpBus.sys;SysWOW64\Drivers\DlinkUDSTcpBus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys;c:\windows\SYSNATIVE\Drivers\gHidPnp.Sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys;c:\windows\SYSNATIVE\DRIVERS\gMouUsb.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files (x86)\Windows Live\Mesh\wlcrasvc.exe;c:\program files (x86)\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/12/07 22:51];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 SENADB;SEcnStatutsDatabase;c:\program files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe;c:\program files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe;c:\expressgateutil\VAWinService.exe [x]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 DlinkUDSMBus;UDS Master Bus of Kernel USB Software Bus by TCP;SysWOW64\Drivers\DlinkUDSMBus.sys;SysWOW64\Drivers\DlinkUDSMBus.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - SWDUMon
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-15 20:39]
.
2013-11-06 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-08-31 17:06]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec45facc60b31.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 08:41]
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cec45fad956c2a.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 08:41]
.
2013-04-17 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
2013-07-29 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
2013-11-06 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 11:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-25 472984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2000-01-01 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13425224]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.3.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\l0kb9nzi.default-1345666384894\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:newtab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-RunOnce-WinSat - winsat dwm -xml results.xml
AddRemove-Rainbow Sentinel Driver - c:\windows\SYSTEM32\RNBOSENT\SETUPX86.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-11-06 19:29:33
ComboFix-quarantined-files.txt 2013-11-06 18:29
.
Před spuštěním: Volných bajtů: 32 467 419 136
Po spuštění: Volných bajtů: 32 718 270 464
.
- - End Of File - - 84703596E9ECA03E54218B1EF5BBB5C1

feraf · #12 Příspěvek od **feraf** » 06 lis 2013 23:26

Jenom přikládám další výsledek kontroly PC.

feraf · #13 Příspěvek od **feraf** » 08 lis 2013 10:35

tak už se mi to podařilo odstranit tím že jsem šel na účet administrátora a spustil eset kontrolu a eset ten vir vymazal, ale ještě mi to zobrazuje při startu následující okno:

feraf · #14 Příspěvek od **feraf** » 08 lis 2013 10:37

ještě přikládám rist log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-11-08 10:33:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (9%) free of 313 GB
Total RAM: 8103 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:54, on 8.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Weather Watcher Live\ww.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [LauncherM200DN] "C:\Program Files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe" /S EPSON AL-M200DN
O4 - HKLM\..\Run: [M200DN RUN] "C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRunM200DN] "C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmpl.exe" EPSON WorkForce AL-M200DN,hide,\S
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [Clipboard Recorder] "C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe" -startup
O4 - HKCU\..\Run: [Thunderbird] C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe -mail
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [WeatherWatcherLive] "C:\Program Files (x86)\Weather Watcher Live\ww.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [NERO] C:\Users\Admin\VVETC\PJMOCCCWLE-XUEWZ-FRDXYTBRCM.vbe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-3139629809-717902037-1496562251-1021\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3139629809-717902037-1496562251-1021\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012 (mitsijm2012) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Solver for Flow Simulation 2012 - Mentor Graphics Corporation - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SEcnStatutsDatabase (SENADB) - Unknown owner - C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17525 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
taskeng.exe {F7932928-161B-4468-93EF-647419703129}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sECSQLEXPRESS
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
C:\ExpressGateUtil\VAWinService.exe
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3740
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\wbem\wmiprvse.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3440
taskeng.exe {E3916495-9516-4699-AEB4-AB1D8F30968A}
ATKOSD.exe
KBFiltr.exe
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {71530ACC-802D-4B2A-B60F-7D1F118DDBBC}
WDC.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe" -startup
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" -mail
"C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Weather Watcher Live\ww.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
"C:\ExpressGateUtil\VAWinAgent.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray
"C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe" /S EPSON AL-M200DN
"C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmpl.exe" EPSON WorkForce AL-M200DN,hide,\S
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmW.exe"
\??\C:\Windows\system32\conhost.exe "4709500618908153741713984651439030013-8835057314545934331904907783-364110421
"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\/../CoreSync/CoreSync.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"D:\Dokumenty\Franta\programy\ochrana počítače\Nová složka\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec45facc60b31.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cec45fad956c2a.job
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\SlimDrivers Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\l0kb9nzi.default-1345666384894

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:newtab"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\l0kb9nzi.default-1345666384894\extensions\
foxmarks@kei.com
mintrayr@tn123.ath.cx
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll [2010-11-26 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2000-01-01 1278024]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"AtherosBtStack"=C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [2010-11-26 613536]
"AthBtTray"=C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [2010-11-26 379040]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-03 1028896]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25 472984]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2000-01-01 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2000-01-01 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2000-01-01 442352]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Clipboard Recorder"=C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe [2007-07-09 1843200]
"Thunderbird"=C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [2013-10-30 390256]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2006-04-28 1019904]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-04-29 3093624]
"WeatherWatcherLive"=C:\Program Files (x86)\Weather Watcher Live\ww.exe [2013-06-05 1968296]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2013-04-11 89600]
"NERO"=C:\Users\Admin\VVETC\PJMOCCCWLE-XUEWZ-FRDXYTBRCM.vbe [2013-10-14 1713162]
"uTorrent"=C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-07 802136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-08-14 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13425224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2011-04-08 45448]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-24 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"RemoteControl11"=C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-08-24 230696]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"FLxHCIm"=C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [2011-04-08 43008]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-03-31 2018032]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"LauncherM200DN"=C:\Program Files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe [2012-09-13 2587056]
"M200DN RUN"=C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmRun.exe [2012-09-13 362928]
"StatusAutoRunM200DN"=C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmpl.exe [2012-09-13 4277680]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-10-17 2237328]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-11-07 16:49:13 ----D---- C:\ProgramData\ESET
2013-11-07 16:48:51 ----SHD---- C:\Config.Msi
2013-11-06 19:29:40 ----SHD---- C:\$RECYCLE.BIN
2013-11-06 19:29:33 ----A---- C:\ComboFix.txt
2013-11-06 19:01:40 ----A---- C:\Windows\zip.exe
2013-11-06 19:01:40 ----A---- C:\Windows\SWSC.exe
2013-11-06 19:01:40 ----A---- C:\Windows\SWREG.exe
2013-11-06 19:01:40 ----A---- C:\Windows\sed.exe
2013-11-06 19:01:40 ----A---- C:\Windows\PEV.exe
2013-11-06 19:01:40 ----A---- C:\Windows\NIRCMD.exe
2013-11-06 19:01:40 ----A---- C:\Windows\MBR.exe
2013-11-06 19:01:40 ----A---- C:\Windows\grep.exe
2013-11-06 19:01:37 ----D---- C:\ComboFix
2013-11-06 19:01:02 ----D---- C:\Qoobox
2013-11-06 18:02:47 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RtkApi64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RtDataProc64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RTCOM64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RCoRes64.dat
2013-11-06 18:02:46 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-11-06 18:02:46 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-11-06 18:02:46 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2013-11-06 18:02:45 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-06 18:02:45 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-06 18:02:44 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-06 18:02:44 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-06 18:02:44 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-06 18:02:44 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-06 18:02:43 ----A---- C:\Windows\system32\FMAPO64.dll
2013-11-06 18:02:43 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-06 18:02:43 ----A---- C:\Windows\system32\AERTAC64.dll
2013-11-06 17:55:16 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2013-11-06 17:54:44 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2013-11-06 17:52:28 ----D---- C:\Intel
2013-11-06 17:52:27 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2013-11-06 17:52:25 ----A---- C:\Windows\system32\igfxCoIn_v3062.dll
2013-11-06 17:52:24 ----A---- C:\Windows\system32\igfxTMM.dll
2013-11-06 17:52:23 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2013-11-06 17:52:23 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\igfxpph.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\igfxexps.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\igfxdo.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\igfxdev.dll
2013-11-06 17:52:23 ----A---- C:\Windows\system32\igfxcmrt64.dll
2013-11-06 17:52:22 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2013-11-06 17:52:22 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2013-11-06 17:52:22 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2013-11-06 17:52:22 ----A---- C:\Windows\system32\igfxcmjit64.dll
2013-11-06 17:52:22 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2013-11-06 17:52:21 ----A---- C:\Windows\system32\igdumd64.dll
2013-11-06 17:52:14 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2013-11-06 17:52:14 ----A---- C:\Windows\system32\igdde64.dll
2013-11-06 17:52:09 ----A---- C:\Windows\system32\ig4icd64.dll
2013-11-06 17:52:08 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2013-11-06 17:52:08 ----A---- C:\Windows\system32\gfxSrvc.dll
2013-11-06 17:52:07 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2013-11-06 17:52:07 ----A---- C:\Windows\system32\igfxtray.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\igfxsrvc.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\igfxpers.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\igfxext.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\hkcmd.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\GfxUI.exe
2013-11-06 17:52:06 ----A---- C:\Windows\system32\difx64.exe
2013-11-06 17:45:18 ----D---- C:\Program Files (x86)\SlimDrivers
2013-11-06 15:15:54 ----D---- C:\ProgramData\Malwarebytes
2013-11-06 15:15:50 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-06 15:15:49 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2013-11-06 14:37:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-11-06 14:20:34 ----A---- C:\TDSSKiller.2.8.16.0_06.11.2013_14.20.34_log.txt
2013-11-06 14:15:20 ----A---- C:\TDSSKiller.3.0.0.16_06.11.2013_14.15.20_log.txt
2013-11-06 14:14:33 ----A---- C:\TDSSKiller.2.8.16.0_06.11.2013_14.14.33_log.txt
2013-11-06 13:57:36 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2013-11-06 13:52:41 ----D---- C:\rsit
2013-11-06 11:16:01 ----D---- C:\Program Files (x86)\ESET
2013-11-04 22:55:57 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-11-04 22:42:39 ----D---- C:\Program Files\Adobe
2013-11-04 22:42:06 ----D---- C:\Program Files\Common Files\Adobe
2013-11-04 22:41:22 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2013-11-04 22:41:22 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2013-11-04 22:41:22 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2013-11-04 22:41:17 ----D---- C:\Program Files (x86)\My Company Name
2013-11-04 22:11:08 ----D---- C:\Program Files (x86)\Lame For Audacity
2013-11-04 21:59:37 ----D---- C:\Users\Admin\AppData\Roaming\Audacity
2013-11-02 21:45:25 ----D---- C:\ProgramData\regid.1995-09.com.example
2013-11-02 21:45:25 ----D---- C:\Program Files (x86)\TV Online
2013-11-01 09:25:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-31 16:37:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-10-31 10:17:09 ----D---- C:\Program Files (x86)\MKVToolNix
2013-10-31 10:01:56 ----D---- C:\Users\Admin\AppData\Roaming\Media Player Classic
2013-10-30 18:53:25 ----A---- C:\Windows\system32\ff_vfw.dll
2013-10-30 18:53:21 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2013-10-30 18:53:21 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2013-10-30 18:53:21 ----A---- C:\Windows\system32\x264vfw64.dll
2013-10-30 18:53:21 ----A---- C:\Windows\system32\lagarith.dll
2013-10-30 18:53:20 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-10-30 18:53:20 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-10-30 18:53:20 ----A---- C:\Windows\system32\xvidvfw.dll
2013-10-30 18:53:20 ----A---- C:\Windows\system32\xvidcore.dll
2013-10-30 18:53:18 ----A---- C:\Windows\system32\unrar64.dll
2013-10-30 18:53:14 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-10-25 11:55:51 ----D---- C:\Program Files (x86)\EPSON_P2B
2013-10-25 11:55:01 ----A---- C:\Windows\system32\seapn1mLM.DLL
2013-10-25 11:55:01 ----A---- C:\Windows\system32\sea6n1mlm.dll
2013-10-25 11:53:52 ----A---- C:\Windows\SYSWOW64\CommonSetting.ini
2013-10-25 11:53:52 ----A---- C:\Windows\CommonSetting.ini
2013-10-21 16:21:13 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-21 16:21:07 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-21 16:21:07 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-21 16:21:07 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-18 14:27:15 ----D---- C:\ProgramData\CanonIJ
2013-10-14 17:38:06 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-10-09 09:31:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 09:31:13 ----A---- C:\Windows\system32\ieui.dll
2013-10-09 09:31:11 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 09:31:11 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 09:31:11 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 09:31:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 09:31:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 09:31:11 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 09:31:11 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-09 09:31:11 ----A---- C:\Windows\system32\iesetup.dll
2013-10-09 09:31:11 ----A---- C:\Windows\system32\iertutil.dll
2013-10-09 09:31:11 ----A---- C:\Windows\system32\iernonce.dll
2013-10-09 09:31:11 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-09 09:31:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 09:31:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 09:31:09 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-09 09:31:09 ----A---- C:\Windows\system32\jscript.dll
2013-10-09 09:31:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 09:31:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 09:31:08 ----A---- C:\Windows\system32\jscript9.dll
2013-10-09 09:31:07 ----A---- C:\Windows\system32\urlmon.dll
2013-10-09 09:31:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 09:31:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 09:31:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 09:31:06 ----A---- C:\Windows\system32\wininet.dll
2013-10-09 09:31:06 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-09 09:31:05 ----A---- C:\Windows\system32\ieframe.dll
2013-10-09 09:31:03 ----A---- C:\Windows\system32\mshtml.dll
2013-10-09 09:31:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 09:17:10 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 09:17:10 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 09:17:10 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 09:17:10 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 09:17:10 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 09:17:09 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 09:17:09 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 09:17:09 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 09:17:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 09:17:09 ----A---- C:\Windows\system32\mswsock.dll
2013-10-09 09:17:09 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 09:17:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 09:17:09 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-09 09:17:09 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 09:17:08 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 09:17:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 09:17:07 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 09:17:07 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-09 09:17:07 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 09:17:07 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 09:17:06 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 09:17:06 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 09:17:06 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-09 09:17:06 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 09:17:06 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 09:17:06 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 09:17:06 ----A---- C:\Windows\system32\davclnt.dll
2013-10-09 09:17:05 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 09:16:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 09:16:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 09:16:50 ----A---- C:\Windows\system32\tdh.dll
2013-10-09 09:16:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-09 09:16:50 ----A---- C:\Windows\system32\advapi32.dll
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 09:16:49 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 09:16:49 ----A---- C:\Windows\system32\wow64.dll
2013-10-09 09:16:49 ----A---- C:\Windows\system32\ntdll.dll
2013-10-09 09:16:17 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-09 09:16:15 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:16:15 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:16:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-09 09:15:58 ----A---- C:\Windows\system32\drivers\usbccgp.sys

======List of files/folders modified in the last 1 month======

2013-11-08 10:33:47 ----D---- C:\Windows\Temp
2013-11-08 10:33:47 ----D---- C:\Program Files\trend micro
2013-11-08 10:33:02 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2013-11-08 10:31:47 ----D---- C:\Users\Admin\AppData\Roaming\WeatherWatcherLive
2013-11-08 10:31:42 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2013-11-08 10:30:41 ----D---- C:\Windows\system32\Tasks
2013-11-08 10:30:34 ----A---- C:\Windows\system32\acovcnt.exe
2013-11-08 09:45:12 ----D---- C:\Windows\Prefetch
2013-11-08 08:40:34 ----D---- C:\Windows\system32\config
2013-11-08 08:27:50 ----D---- C:\Windows\Tasks
2013-11-08 08:27:13 ----D---- C:\ProgramData\NVIDIA
2013-11-08 05:37:52 ----D---- C:\ProgramData\CanonIJPLM
2013-11-07 17:05:20 ----RD---- C:\Program Files (x86)
2013-11-07 17:05:11 ----SHD---- C:\System Volume Information
2013-11-07 16:52:26 ----D---- C:\Windows\inf
2013-11-07 16:49:39 ----SHD---- C:\Windows\Installer
2013-11-07 16:49:27 ----D---- C:\Windows\system32\DriverStore
2013-11-07 16:49:27 ----D---- C:\Windows\system32\drivers
2013-11-07 16:49:27 ----D---- C:\Windows\system32\catroot
2013-11-07 16:49:13 ----D---- C:\ProgramData
2013-11-07 11:01:37 ----D---- C:\Windows\system32\NDF
2013-11-07 06:29:30 ----D---- C:\Windows\System32
2013-11-07 06:29:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-06 19:36:42 ----AD---- C:\Windows
2013-11-06 19:35:34 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-11-06 19:34:34 ----D---- C:\Windows\SYSWOW64\NV
2013-11-06 19:34:33 ----D---- C:\Windows\system32\NV
2013-11-06 19:32:20 ----D---- C:\Windows\SysWOW64
2013-11-06 19:26:04 ----A---- C:\Windows\system.ini
2013-11-06 19:25:58 ----D---- C:\Windows\system32\drivers\etc
2013-11-06 19:22:03 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-06 19:22:03 ----D---- C:\Windows\AppPatch
2013-11-06 19:22:02 ----D---- C:\Program Files (x86)\Common Files
2013-11-06 19:17:43 ----D---- C:\Windows\Microsoft.NET
2013-11-06 19:00:50 ----D---- C:\Windows\erdnt
2013-11-06 18:03:26 ----HD---- C:\Program Files (x86)\Temp
2013-11-06 18:03:12 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-11-06 18:03:05 ----D---- C:\Windows\system32\catroot2
2013-11-06 17:55:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 17:53:50 ----D---- C:\Program Files (x86)\Intel
2013-11-06 14:53:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-11-06 13:58:14 ----RSD---- C:\Windows\assembly
2013-11-06 13:57:45 ----RSD---- C:\Windows\Fonts
2013-11-06 13:53:37 ----D---- C:\Windows\system32\appmgmt
2013-11-06 13:49:25 ----D---- C:\ProgramData\Microsoft Help
2013-11-06 13:47:51 ----SD---- C:\ProgramData\Microsoft
2013-11-06 13:47:51 ----RD---- C:\Program Files
2013-11-06 13:47:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-11-06 13:47:24 ----D---- C:\Windows\ShellNew
2013-11-06 13:47:24 ----D---- C:\Program Files (x86)\MSBuild
2013-11-06 13:47:22 ----D---- C:\Program Files\Common Files
2013-11-06 13:34:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-11-06 13:24:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-06 13:24:39 ----D---- C:\Windows\system32\en-US
2013-11-06 12:07:05 ----D---- C:\Program Files (x86)\Nero
2013-11-06 11:37:44 ----D---- C:\Users\Admin\AppData\Roaming\Nero
2013-11-06 11:05:36 ----D---- C:\ProgramData\Nero
2013-11-06 10:56:06 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2013-11-04 22:56:43 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2013-11-04 22:42:54 ----D---- C:\ProgramData\Adobe
2013-11-04 22:29:48 ----D---- C:\Program Files (x86)\Adobe
2013-11-03 10:02:43 ----D---- C:\Windows\system32\wdi
2013-11-02 21:45:31 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-11-02 21:44:49 ----D---- C:\Users\Admin\AppData\Roaming\TV Online
2013-11-02 21:42:26 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2013-11-02 07:21:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-31 16:37:12 ----D---- C:\Windows\debug
2013-10-31 10:52:06 ----D---- C:\Windows\Minidump
2013-10-31 10:52:02 ----D---- C:\Windows\Logs
2013-10-31 10:52:01 ----D---- C:\Windows\Panther
2013-10-31 09:40:26 ----D---- C:\Program Files\WinRAR
2013-10-30 18:53:16 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-10-21 16:21:20 ----D---- C:\ProgramData\Oracle
2013-10-21 16:21:07 ----D---- C:\Program Files (x86)\Java
2013-10-18 14:26:15 ----HD---- C:\ProgramData\CanonIJScan
2013-10-18 14:26:15 ----D---- C:\Users\Admin\AppData\Roaming\Canon
2013-10-16 20:56:40 ----D---- C:\ProgramData\Skype
2013-10-16 20:56:38 ----RD---- C:\Program Files (x86)\Skype
2013-10-11 13:20:36 ----D---- C:\Windows\rescache
2013-10-09 09:43:08 ----D---- C:\Windows\winsxs
2013-10-09 09:36:09 ----D---- C:\Program Files\Internet Explorer
2013-10-09 09:36:09 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-09 09:36:08 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 09:26:47 ----D---- C:\Windows\system32\MRT
2013-10-09 09:23:00 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2012-12-02 14456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-14 437272]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-06-22 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-04-19 564824]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 30312]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
R3 DlinkUDSMBus;UDS Master Bus of Kernel USB Software Bus by TCP; C:\Windows\SysWOW64\Drivers\DlinkUDSMBus.sys [2010-04-07 66656]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-20 283200]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2011-04-08 177152]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2011-04-08 56320]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 5358016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 3338952]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 104048]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-08-21 14112]
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DlinkUDSTcpBus;DlinkUDSTcpBus; C:\Windows\SysWOW64\Drivers\DlinkUDSTcpBus.sys [2010-04-07 85600]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-08-21 33344]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-09-25 36928]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-11-06 16152]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-03-26 37888]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-09-03 87368]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
R2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2011-08-03 848704]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-11-29 230408]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-02-08 70136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-03 1887520]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-12-20 66872]
R2 SENADB;SEcnStatutsDatabase; C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe [2012-09-13 137648]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-09-09 2099512]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-09-27 89160]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2000-01-01 279024]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-07 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-07 1044816]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-01 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-08-17 109624]
S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2011-12-07 79360]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-30 529744]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#15 Příspěvek od **vyosek** » 08 lis 2013 10:46

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

VIRY.CZ

Eset hlásí trojáka v operační paměti

Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti

Re: Eset hlásí trojáka v operační paměti