Prevence

[agata]

Dobrý den,

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-12-14 14:45:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (68%) free of 76 GB
Total RAM: 447 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:39, on 14.12.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Petr.DOM\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=19067
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418554761
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe

--
End of file - 4223 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\DrawPadSevenDays.job - C:\Program Files\NCH Software\DrawPad\drawpad.exe -sevendays
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job - C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Petr.DOM\Data aplikací\Mozilla\Firefox\Profiles\tqx4txb4.default-1416388022265

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-20 586968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-03-21 1678336]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-13 5227112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418554761 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"EPSONStatusAgent2"=2
"EpsonBidirectionalService"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68298725.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\68298725.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoPopUpsOnBoot"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\USMT\migwiz.exe"="C:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe"="C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-12-14 14:45:44 ----D---- C:\rsit
2014-12-13 17:00:09 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-12 10:26:07 ----D---- C:\Program Files\Mozilla Firefox
2014-12-11 09:59:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-12-09 07:53:32 ----SHD---- C:\FOUND.009
2014-12-06 08:12:42 ----SHD---- C:\FOUND.008
2014-12-02 11:19:58 ----SHD---- C:\FOUND.007
2014-12-02 10:49:50 ----SHD---- C:\FOUND.006
2014-11-29 10:59:10 ----SHD---- C:\FOUND.005
2014-11-27 09:37:42 ----SHD---- C:\FOUND.004
2014-11-26 12:38:02 ----D---- C:\Program Files\Speccy
2014-11-25 11:01:56 ----SHD---- C:\FOUND.003
2014-11-22 11:02:04 ----SHD---- C:\FOUND.002
2014-11-21 10:03:16 ----SHD---- C:\FOUND.001
2014-11-20 10:58:47 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2014-11-20 09:47:34 ----A---- C:\WINDOWS\avastSS.scr
2014-11-19 10:07:40 ----D---- C:\Documents and Settings\Petr.DOM\Data aplikací\Opera Software
2014-11-19 10:05:21 ----D---- C:\Program Files\Opera
2014-11-19 09:57:31 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2014-12-14 12:02:42 ----A---- C:\ASWL2K.ini
2014-12-13 17:30:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-12-12 09:37:54 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-11-20 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-11-20 206248]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-11-20 55240]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 787800]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-11-21 423784]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-11-20 57928]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-11-20 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-11-20 70384]
R2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2007-08-01 16376]
R3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2014-10-21 35144]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 ZD1211BU(ASUS);ASUS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ASUS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-06-14 425472]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;ADSL USB MODEM WAN ADAPTER; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys []
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 cpuz136;cpuz136; \??\C:\DOCUME~1\Petr.DOM\LOCALS~1\Temp\cpuz136\cpuz136_x32.sys []
S3 EC168BDA;EC168BDA service; C:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-09-11 87296]
S3 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 lgmdbus;LG Mobile driver (WDM); C:\WINDOWS\system32\DRIVERS\lgmdbus.sys [2008-07-08 89600]
S3 lgmdmdfl;LG Mobile USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\lgmdmdfl.sys [2008-07-08 14976]
S3 lgmdmdm;LG Mobile USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\lgmdmdm.sys [2008-07-08 121344]
S3 lgmdmgmt;LG Mobile USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\lgmdmgmt.sys [2008-07-08 114944]
S3 lgmdobex;LG Mobile USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\lgmdobex.sys [2008-07-08 111232]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys []
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 speccy;speccy; \??\C:\Documents and Settings\Petr.DOM\Local Settings\temp\89553ed0-6e36-4fc2-8e25-50abd8839991 []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-08-19 142648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-20 50344]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-28 116648]
S2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-10-20 2324216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-28 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-12 114800]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[altrok]

Prijemnou nedeli Vam preju

Pokud nepouzivate, odinstalujte Seznam Software - listicka, postak...

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[agata]

Nemohu najít ,,odinstalujte Seznam Software - listicka, postak...´´

Děkuji.

[altrok]

Nic se nedeje, pokud se ho chcete zbavit (vetsinou se nainstaluje jako tzv. adware - nechteny program), maznu ho pak rucne. Pokracujte dalsimi kroky.

[agata]

# AdwCleaner v4.105 - Report created 15/12/2014 at 09:42:10
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Petr - DOM
# Running from : C:\Documents and Settings\Petr.DOM\Plocha\adwcleaner_4.105.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Folder Found : C:\Documents and Settings\All Users\Data aplikací\NCH Software
Folder Found : C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
Folder Found : C:\Program Files\NCH Software

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Internet Explorer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v34.0.5 (x86 cs)


-\\ Opera v25.0.1614.63


*************************

AdwCleaner[S3].txt - [757 octets] - [23/10/2014 12:54:24]
AdwCleaner[R6].txt - [825 octets] - [24/10/2014 09:07:46]
AdwCleaner[R7].txt - [884 octets] - [24/10/2014 09:11:35]
AdwCleaner[S4].txt - [937 octets] - [24/10/2014 09:13:19]
AdwCleaner[R8].txt - [1604 octets] - [15/12/2014 09:42:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R8].txt - [1664 octets] ##########

[altrok]

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[agata]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by Petr (administrator) on DOM on 15-12-2014 10:06:26
Running from C:\Documents and Settings\Petr.DOM\Plocha
Loaded Profile: Petr (Available profiles: Petr & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AVASTUI.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\WINDOWS\System32\SNMP.EXE
(PS Media s.r.o.) C:\WINDOWS\System32\SSINS.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\System32\Wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\osk.exe
(Microsoft Corporation) C:\WINDOWS\System32\MSSWCHX.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16270848 2006-11-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Control Center] => C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [1678336 2006-03-21] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-13] (AVAST Software)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoPopUpsOnBoot] 1
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\RunOnce: [Adobe Speed Launcher] => 1418630526
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=19067
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {2796923F-E847-4564-9E04-52457383319A} URL = http://search.seznam.cz/?q={searchTerms ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {2A17DB67-907F-409B-84A2-9887F07C6C3D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {5628E73B-5CC2-47AE-8D31-BDFEC2A40C24} URL = http://www.novinky.cz/hledej?w={searchT ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {62925305-1056-47DB-90A9-79C15A95AE62} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {62B1D538-2877-4D67-AD71-063E51874D6B} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {775E8FA5-B10F-4719-94C8-38BAB00F4361} URL = http://www.mapy.cz/?query={searchTerms} ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {937F0109-D71D-423F-9E90-EEA1858FB743} URL = http://encyklopedie.seznam.cz/search?q= ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {982D58E5-94A8-42E5-B2FD-774F265DA73D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_19067
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {B0A14EB4-40F0-4A4E-BF03-3EFBCA94EDA0} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_19067
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Petr.DOM\Data aplikací\Mozilla\Firefox\Profiles\tqx4txb4.default-1416388022265
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-21]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-19] (SUPERAntiSpyware.com)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S3 cisvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [125952 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
S4 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 LPDSVC; C:\WINDOWS\system32\tcpsvcs.exe [19456 2004-08-18] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [293376 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S4 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-18] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [97792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [329728 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SNMP; C:\WINDOWS\System32\snmp.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [8704 2008-04-14] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2014-10-20] (PS Media s.r.o.)
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [334336 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S4 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [90112 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295936 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [290816 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\system32\w32time.dll [176640 2008-04-14] (Microsoft Corporation) [File not signed]
S4 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [52224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [188288 2008-04-14] (Microsoft Corporation) [File not signed]
R0 ACPIEC; C:\WINDOWS\System32\DRIVERS\ACPIEC.sys [11776 2004-08-18] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
S3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-20] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-20] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
R3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2014-10-21] (The OpenVPN Project)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-20] ()
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-13] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-18] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-08-18] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-18] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-13] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [13952 2008-04-13] (Microsoft Corporation) [File not signed]
R0 Compbatt; C:\WINDOWS\System32\DRIVERS\compbatt.sys [10240 2008-04-13] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-18] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) [File not signed]
S3 EC168BDA; C:\WINDOWS\System32\DRIVERS\EC168BDA.sys [87296 2007-09-11] (e3C, Inc.) [File not signed]
S3 EIO; C:\WINDOWS\system32\drivers\EIO.sys [8703 2003-01-29] (ASUSTeK Computer Inc.) [File not signed]
R2 Ethpdrv; C:\WINDOWS\System32\DRIVERS\ethpdrv.sys [16376 2007-08-01] (Gemfor s.r.o.)
R4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-13] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-13] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-18] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125184 2004-08-18] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) [File not signed]
S3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed]
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52096 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [40192 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-18] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-13] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
S1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) [File not signed]
R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
S3 lgmdbus; C:\WINDOWS\System32\DRIVERS\lgmdbus.sys [89600 2008-07-08] (MCCI Corporation)
S3 lgmdmdfl; C:\WINDOWS\System32\DRIVERS\lgmdmdfl.sys [14976 2008-07-08] (MCCI Corporation)
S3 lgmdmdm; C:\WINDOWS\System32\DRIVERS\lgmdmdm.sys [121344 2008-07-08] (MCCI Corporation)
S3 lgmdmgmt; C:\WINDOWS\System32\DRIVERS\lgmdmgmt.sys [114944 2008-07-08] (MCCI Corporation)
S3 lgmdobex; C:\WINDOWS\System32\DRIVERS\lgmdobex.sys [111232 2008-07-08] (MCCI Corporation)
R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-18] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-13] (Microsoft Corporation) [File not signed]
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-13] (Microsoft Corporation) [File not signed]
S4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-18] (Microsoft Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-18] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-18] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80000 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-13] (Microsoft Corporation) [File not signed]
S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-18] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68736 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2004-08-18] (Microsoft Corporation) [File not signed]
R0 Pcmcia; C:\WINDOWS\System32\DRIVERS\pcmcia.sys [120064 2008-04-14] (Microsoft Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-07-01] (Padus, Inc.) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-13] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-18] (Parallel Technologies, Inc.) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-18] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-18] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-18] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58496 2008-04-14] (Microsoft Corporation) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [79232 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S2 Serial; C:\WINDOWS\system32\Drivers\Serial.sys [64256 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 speccy; C:\Documents and Settings\Petr.DOM [0 2014-09-01] () [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73344 2008-04-14] (Microsoft Corporation) [File not signed]
R3 StillCam; C:\WINDOWS\System32\DRIVERS\serscan.sys [6784 2001-10-24] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32128 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbstor; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-13] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-13] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2004-08-18] (Microsoft Corporation) [File not signed]
R3 ZD1211BU(ASUS); C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys [425472 2006-06-14] (ZyDAS Technology Corporation) [File not signed]
S2 ADILOADER; System32\Drivers\adildr.sys [X]
S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
S3 Ambfilt; system32\drivers\Ambfilt.sys [X]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [14208 2008-04-13] (Microsoft Corporation) [File not signed]
S3 cpuz136; \??\C:\DOCUME~1\Petr.DOM\LOCALS~1\Temp\cpuz136\cpuz136_x32.sys [X]
S4 IntelIde; No ImagePath
S3 Monfilt; system32\drivers\Monfilt.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) [File not signed]
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 10:06 - 2014-12-15 10:06 - 00033525 _____ () C:\Documents and Settings\Petr.DOM\Plocha\FRST.txt
2014-12-15 10:05 - 2014-12-15 10:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Petr.DOM\Plocha\FRSTLauncher.exe
2014-12-15 10:05 - 2014-12-15 10:05 - 00000000 ____D () C:\FRST
2014-12-15 10:01 - 2014-12-15 10:02 - 01111040 _____ (Farbar) C:\Documents and Settings\Petr.DOM\Plocha\FRST.exe
2014-12-15 09:35 - 2014-12-15 09:36 - 02166272 _____ () C:\Documents and Settings\Petr.DOM\Plocha\adwcleaner_4.105.exe
2014-12-15 09:11 - 2014-12-15 09:23 - 00041187 _____ () C:\WINDOWS\setupapi.log
2014-12-12 10:26 - 2014-12-12 10:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-11 10:02 - 2014-12-11 10:02 - 00001635 _____ () C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2014-12-11 09:59 - 2014-11-20 09:47 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-09 07:53 - 2014-12-09 07:53 - 00000000 __SHD () C:\FOUND.009
2014-12-06 08:12 - 2014-12-06 08:12 - 00000000 __SHD () C:\FOUND.008
2014-12-02 11:19 - 2014-12-02 11:19 - 00000000 __SHD () C:\FOUND.007
2014-12-02 10:49 - 2014-12-02 10:49 - 00000000 __SHD () C:\FOUND.006
2014-11-29 10:59 - 2014-11-29 10:59 - 00000000 __SHD () C:\FOUND.005
2014-11-27 09:37 - 2014-11-27 09:37 - 00000000 __SHD () C:\FOUND.004
2014-11-25 11:01 - 2014-11-25 11:01 - 00000000 __SHD () C:\FOUND.003
2014-11-22 11:02 - 2014-11-22 11:02 - 00000000 __SHD () C:\FOUND.002
2014-11-21 10:03 - 2014-11-21 10:03 - 00000000 __SHD () C:\FOUND.001
2014-11-20 11:00 - 2014-12-11 12:16 - 00000664 _____ () C:\Documents and Settings\Petr.DOM\Local Settings\Data aplikací\d3d9caps.dat
2014-11-20 10:58 - 2014-12-15 09:22 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-11-20 09:47 - 2014-11-20 09:47 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-19 10:33 - 2014-11-19 10:33 - 00000579 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera 25.lnk
2014-11-19 10:07 - 2014-11-19 10:07 - 00000000 ____D () C:\Documents and Settings\Petr.DOM\Local Settings\Data aplikací\Opera Software
2014-11-19 10:07 - 2014-11-19 10:07 - 00000000 ____D () C:\Documents and Settings\Petr.DOM\Data aplikací\Opera Software
2014-11-19 10:05 - 2014-11-19 10:05 - 00000579 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2014-11-19 10:05 - 2014-11-19 10:05 - 00000000 ____D () C:\Program Files\Opera
2014-11-19 09:57 - 2014-11-19 09:57 - 00000634 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-11-19 09:57 - 2014-11-19 09:57 - 00000628 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-11-19 09:57 - 2014-11-19 09:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 10:01 - 2014-10-21 10:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-15 10:01 - 2014-02-28 11:27 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 09:50 - 2014-03-16 10:11 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-15 09:07 - 2010-03-24 14:21 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-12-15 09:03 - 2014-10-20 11:08 - 00000000 _____ () C:\WINDOWS\system32\sinstall.log
2014-12-15 09:03 - 2014-02-17 16:54 - 00000400 ____N () C:\WINDOWS\wiadebug.log
2014-12-15 09:02 - 2014-04-04 11:18 - 00000376 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2014-12-15 09:02 - 2014-02-28 11:27 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 09:02 - 2009-02-27 19:11 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-15 09:01 - 2014-09-01 08:37 - 00000178 ___SH () C:\Documents and Settings\Petr.DOM\ntuser.ini
2014-12-15 09:01 - 2014-02-17 16:54 - 00032590 ____N () C:\WINDOWS\SchedLgU.Txt
2014-12-15 09:01 - 2014-02-17 16:54 - 00000050 ____N () C:\WINDOWS\wiaservc.log
2014-12-15 09:01 - 2014-02-17 16:53 - 01771711 ____N () C:\WINDOWS\WindowsUpdate.log
2014-12-15 09:00 - 2014-02-20 12:29 - 00000162 _____ () C:\ASWL2K.ini
2014-12-13 16:11 - 2004-11-20 11:14 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-12 09:37 - 2013-12-02 08:49 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-12 09:37 - 2013-12-02 08:49 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-06 14:46 - 2009-02-27 19:11 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-11-22 10:26 - 2014-10-21 10:58 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-11-21 08:36 - 2014-10-21 10:58 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-11-20 09:47 - 2014-10-21 11:16 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-20 09:47 - 2014-10-21 10:58 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-20 09:47 - 2014-10-21 10:58 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-11-20 09:47 - 2014-10-21 10:58 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-20 09:47 - 2014-10-21 10:58 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-11-20 09:47 - 2014-10-21 10:58 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-16 11:11 - 2014-11-02 11:53 - 00036864 ___SH () C:\Documents and Settings\Petr.DOM\Plocha\Thumbs.db

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2004-11-20 11:14] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2004-11-20 11:14] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2004-11-20 11:14] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-11-20 11:14] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

[agata]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by Petr at 2014-12-15 10:07:21
Running from C:\Documents and Settings\Petr.DOM\Plocha
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
ADSL USB MODEM (HKLM\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: - )
Aktualizace systému Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
ASUS WLAN Card Utilities/Driver (HKLM\...\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}) (Version: 2.8.9.0 - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
DrawPad Graphics Editor (HKLM\...\DrawPad) (Version: 1.01 - NCH Software)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
Free File Viewer 2014 (HKLM\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
LG Bluetooth Drivers (HKLM\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG MC USB U330 driver (HKLM\...\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}) (Version: 1.0.0.0000 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{461B11E8-BF34-4ACB-962A-1CBE905BD9EB}) (Version: 2.2 - LG Electronics)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 cs) (HKLM\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Nova Stahovák (HKLM\...\{D6615307-A73A-49C5-B90F-D97E027F034A}) (Version: 1.1.48 - SoftGate)
Odinstalovat LG PC Suite III (HKLM\...\{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1) (Version: - LG Electronics)
PhoXo (HKLM\...\PhoXo) (Version: 8.1.0.0 - PhoXo) <==== ATTENTION!
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5324 - Realtek Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

17-09-2014 07:28:31 Kontrolní bod systému
23-09-2014 07:55:13 Kontrolní bod systému
25-09-2014 07:17:16 Instalace nepodepsaného ovladače
26-09-2014 08:12:55 Kontrolní bod systému
27-09-2014 15:37:20 Kontrolní bod systému
30-09-2014 09:40:52 Kontrolní bod systému
01-10-2014 10:31:29 Kontrolní bod systému
06-10-2014 08:18:45 Kontrolní bod systému
07-10-2014 07:58:55 Software Distribution Service 3.0
08-10-2014 06:41:03 Software Distribution Service 3.0
09-10-2014 09:16:41 Kontrolní bod systému
13-10-2014 08:54:36 Kontrolní bod systému
16-10-2014 09:56:40 Kontrolní bod systému
20-10-2014 06:40:43 Kontrolní bod systému
20-10-2014 09:21:39 Nainstalováno AVG 2015
20-10-2014 09:22:00 Nainstalováno AVG 2015
21-10-2014 07:44:48 Software Distribution Service 3.0
21-10-2014 08:11:27 Odstraněno AVG 2015
21-10-2014 08:12:49 Odstraněno AVG 2015
21-10-2014 08:56:57 avast! antivirus system restore point
21-10-2014 09:12:19 avast! antivirus system restore point
22-10-2014 09:48:17 Kontrolní bod systému
23-10-2014 09:52:41 Kontrolní bod systému
25-10-2014 06:27:38 Kontrolní bod systému
01-11-2014 08:45:08 Kontrolní bod systému
01-11-2014 09:36:21 Instalace nepodepsaného ovladače
07-11-2014 07:03:30 Instalace nepodepsaného ovladače
07-11-2014 07:06:46 Instalace nepodepsaného ovladače
08-11-2014 09:25:23 Kontrolní bod systému
10-11-2014 07:52:29 Kontrolní bod systému
11-11-2014 08:35:47 Kontrolní bod systému
12-11-2014 08:53:58 Kontrolní bod systému
20-11-2014 08:42:14 avast! antivirus system restore point
21-11-2014 07:52:18 avast! antivirus system restore point
21-11-2014 08:58:52 avast! antivirus system restore point
01-12-2014 07:45:15 Kontrolní bod systému
02-12-2014 08:19:09 Kontrolní bod systému
11-12-2014 08:57:51 avast! antivirus system restore point
12-12-2014 10:31:20 Kontrolní bod systému
14-12-2014 11:43:26 Kontrolní bod systému

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-11-20 11:14 - 2014-10-26 14:21 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\DrawPadSevenDays.job => C:\Program Files\NCH Software\DrawPad\drawpad.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-12-15 09:19 - 2014-12-15 09:19 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121500\algo.dll
2014-10-21 10:58 - 2014-11-20 09:47 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-12 10:27 - 2014-12-12 10:28 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68298725.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68298725.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-714400596-3210757239-2929730860-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-714400596-3210757239-2929730860-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-714400596-3210757239-2929730860-1004 - Limited - Disabled)
Petr (S-1-5-21-714400596-3210757239-2929730860-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Petr.DOM
SUPPORT_388945a0 (S-1-5-21-714400596-3210757239-2929730860-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič videa (kompatibilní se standardem VGA)
Description: Řadič videa (kompatibilní se standardem VGA)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) M CPU 440 @ 1.86GHz
Percentage of memory in use: 74%
Total physical RAM: 447.36 MB
Available physical RAM: 113.88 MB
Total Pagefile: 4415.43 MB
Available Pagefile: 3968.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.5 GB) (Free:50.57 GB) FAT32 ==>[Drive with boot components (Windows XP)]
Drive e: () (Removable) (Total:7.69 GB) (Free:7.69 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: ACE22E9E)
Partition 1: (Not Active) - (Size=8 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 1
Partition 2: (Active) - (Size=74.5 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 7.7 GB) (Disk ID: E826B177)
Partition 1: (Not Active) - (Size=7.7 GB) - (Type=0B)

==================== End Of Log ============================

[altrok]

Otestujte na virustotal.com soubor C:\WINDOWS\system32\d3d9caps.dat - link (odkaz) s vysledky vlozte do dalsi odpovedi.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
  C:\Documents and Settings\All Users\Data aplikací\NCH Software
  C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
  C:\Program Files\NCH Software
  REG: reg delete "HKCU\Software\Conduit" /f
  REG: reg delete "HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}" /f
  REG: reg delete "HKLM\SOFTWARE\Conduit" /f
  REG: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Internet Explorer" /f
  REG: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}" /f
  
  HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
  HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
  HKLM\...\Policies\Explorer: [NoResolveSearch] 1
  HKLM\...\Policies\Explorer: [NoPopUpsOnBoot] 1
  HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\RunOnce: [Adobe Speed Launcher] => 1418630526
  C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-714400596-3210757239-2929730860-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {2796923F-E847-4564-9E04-52457383319A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_19067
  FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
  FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
  CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
  
  S2 ADILOADER; System32\Drivers\adildr.sys [X]
  S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
  S3 Ambfilt; system32\drivers\Ambfilt.sys [X]
  S4 IntelIde; No ImagePath
  S3 Monfilt; system32\drivers\Monfilt.sys [X]
  S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
  S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
  S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
  S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
  U3 TlntSvr; No ImagePath
  
  2014-12-15 10:05 - 2014-12-15 10:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Petr.DOM\Plocha\FRSTLauncher.exe
  2014-12-15 09:35 - 2014-12-15 09:36 - 02166272 _____ () C:\Documents and Settings\Petr.DOM\Plocha\adwcleaner_4.105.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.ex
  Task: C:\WINDOWS\Tasks\DrawPadSevenDays.job => C:\Program Files\NCH Software\DrawPad\drawpad.exe
  Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
  Hosts:
  EmptyTemp:
  End
  

[agata]

File identification
MD5 99c627cc04ef6d87467e5ce7c9adcce2
SHA1 7f5f83e0f0248cda7952a22455b4e552753eec7b
SHA256 c5aec602a5f010d6f9b5d691af2ac7e89a9a71b32887d0acb1a6d84e247ad322
ssdeep
3:dnIluypTyl/l1lllholllCltBlljlll/Dll:mvC/34llCl

File size 664 bajtů ( 664 bytes )
File type unknown
Magic literal
data

TrID Targa bitmap (Original TGA Format) (100.0%)
VirusTotal metadata
First submission 2014-12-15 09:28:57 UTC ( 3 minuty ago )
Last submission 2014-12-15 09:28:57 UTC ( 3 minuty ago )
File names d3d9caps.dat
ExifTool file metadata
FileAccessDate
2014:12:15 10:29:00+01:00

FileCreateDate
2014:12:15 10:29:00+01:00

[agata]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-12-2014 01
Ran by Petr at 2014-12-15 10:52:31 Run:1
Running from C:\Documents and Settings\Petr.DOM\Plocha
Loaded Profile: Petr (Available profiles: Petr & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
C:\Documents and Settings\All Users\Data aplikací\NCH Software
C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
C:\Program Files\NCH Software
REG: reg delete "HKCU\Software\Conduit" /f
REG: reg delete "HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}" /f
REG: reg delete "HKLM\SOFTWARE\Conduit" /f
REG: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Internet Explorer" /f
REG: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}" /f

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoPopUpsOnBoot] 1
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\...\RunOnce: [Adobe Speed Launcher] => 1418630526
C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-714400596-3210757239-2929730860-1005 -> {2796923F-E847-4564-9E04-52457383319A} URL = http://search.seznam.cz/?q={searchTerms ... arch_19067
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path

S2 ADILOADER; System32\Drivers\adildr.sys [X]
S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X]
S3 Ambfilt; system32\drivers\Ambfilt.sys [X]
S4 IntelIde; No ImagePath
S3 Monfilt; system32\drivers\Monfilt.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U3 TlntSvr; No ImagePath

2014-12-15 10:05 - 2014-12-15 10:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Petr.DOM\Plocha\FRSTLauncher.exe
2014-12-15 09:35 - 2014-12-15 09:36 - 02166272 _____ () C:\Documents and Settings\Petr.DOM\Plocha\adwcleaner_4.105.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.ex
Task: C:\WINDOWS\Tasks\DrawPadSevenDays.job => C:\Program Files\NCH Software\DrawPad\drawpad.exe
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\NCH Software => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters => Moved successfully.
C:\Program Files\NCH Software => Moved successfully.

========= reg delete "HKCU\Software\Conduit" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Conduit" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Internet Explorer" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoPopUpsOnBoot => value deleted successfully.
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-714400596-3210757239-2929730860-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
C:\Documents and Settings\Petr.DOM\Data aplikací\Seznam.cz => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-714400596-3210757239-2929730860-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-714400596-3210757239-2929730860-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2796923F-E847-4564-9E04-52457383319A}" => Key deleted successfully.
"HKCR\CLSID\{2796923F-E847-4564-9E04-52457383319A}" => Key not found.
"HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => Key deleted successfully.
"C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml" => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key deleted successfully.
ADILOADER => Service deleted successfully.
adiusbaw => Service deleted successfully.
Ambfilt => Service deleted successfully.
IntelIde => Service deleted successfully.
Monfilt => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MREMPR5 => Service deleted successfully.
MRENDIS5 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.
TlntSvr => Service deleted successfully.
C:\Documents and Settings\Petr.DOM\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Documents and Settings\Petr.DOM\Plocha\adwcleaner_4.105.exe => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\DrawPadSevenDays.job => Moved successfully.
C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 57.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[altrok]

Postupujte dle navodu kolegy

Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe

• Po spusteni odsouhlaste licencni podminky (klik na Accept)
• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

[agata]

11:45:31.0671 0x0c58 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
11:51:12.0140 0x0c58 ============================================================
11:51:12.0140 0x0c58 Current date / time: 2014/12/15 11:51:12.0140
11:51:12.0140 0x0c58 SystemInfo:
11:51:12.0140 0x0c58
11:51:12.0140 0x0c58 OS Version: 5.1.2600 ServicePack: 3.0
11:51:12.0140 0x0c58 Product type: Workstation
11:51:12.0140 0x0c58 ComputerName: DOM
11:51:12.0140 0x0c58 UserName: Petr
11:51:12.0140 0x0c58 Windows directory: C:\WINDOWS
11:51:12.0140 0x0c58 System windows directory: C:\WINDOWS
11:51:12.0140 0x0c58 Processor architecture: Intel x86
11:51:12.0140 0x0c58 Number of processors: 1
11:51:12.0140 0x0c58 Page size: 0x1000
11:51:12.0140 0x0c58 Boot type: Normal boot
11:51:12.0140 0x0c58 ============================================================
11:51:15.0906 0x0c58 KLMD registered as C:\WINDOWS\system32\drivers\07212338.sys
11:51:17.0531 0x0c58 System UUID: {E4AA88D6-5F64-39A2-CB9E-F9455B88A8FD}
11:51:20.0078 0x0c58 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:51:20.0078 0x0c58 ============================================================
11:51:20.0078 0x0c58 \Device\Harddisk0\DR0:
11:51:20.0078 0x0c58 MBR partitions:
11:51:20.0078 0x0c58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3EC1, BlocksNum 0x950A600
11:51:20.0078 0x0c58 ============================================================
11:51:20.0140 0x0c58 C: <-> \Device\Harddisk0\DR0\Partition1
11:51:20.0187 0x0c58 ============================================================
11:51:20.0187 0x0c58 Initialize success
11:51:20.0187 0x0c58 ============================================================
11:52:15.0765 0x06a8 ============================================================
11:52:15.0765 0x06a8 Scan started
11:52:15.0765 0x06a8 Mode: Manual; SigCheck; TDLFS;
11:52:15.0765 0x06a8 ============================================================
11:52:15.0765 0x06a8 KSN ping started
11:52:20.0015 0x06a8 KSN ping finished: true
11:52:21.0343 0x06a8 ================ Scan system memory ========================
11:52:21.0453 0x06a8 System memory - ok
11:52:21.0468 0x06a8 ================ Scan services =============================
11:52:22.0015 0x06a8 [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
11:52:24.0734 0x06a8 !SASCORE - ok
11:52:24.0953 0x06a8 Abiosdsk - ok
11:52:24.0984 0x06a8 abp480n5 - ok
11:52:25.0109 0x06a8 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:52:26.0218 0x06a8 ACPI - detected UnsignedFile.Multi.Generic ( 1 )
11:52:29.0046 0x06a8 Detect skipped due to KSN trusted
11:52:29.0062 0x06a8 ACPI - ok
11:52:29.0171 0x06a8 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:52:29.0265 0x06a8 ACPIEC - detected UnsignedFile.Multi.Generic ( 1 )
11:52:32.0187 0x06a8 Detect skipped due to KSN trusted
11:52:32.0187 0x06a8 ACPIEC - ok
11:52:32.0484 0x06a8 [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:52:32.0593 0x06a8 AdobeFlashPlayerUpdateSvc - ok
11:52:32.0625 0x06a8 adpu160m - ok
11:52:32.0718 0x06a8 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:52:32.0828 0x06a8 aec - detected UnsignedFile.Multi.Generic ( 1 )
11:52:35.0578 0x06a8 Detect skipped due to KSN trusted
11:52:35.0578 0x06a8 aec - ok
11:52:35.0671 0x06a8 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:52:35.0937 0x06a8 AFD - ok
11:52:35.0968 0x06a8 Aha154x - ok
11:52:35.0984 0x06a8 aic78u2 - ok
11:52:36.0015 0x06a8 aic78xx - ok
11:52:36.0109 0x06a8 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:52:36.0156 0x06a8 Alerter - detected UnsignedFile.Multi.Generic ( 1 )
11:52:38.0984 0x06a8 Detect skipped due to KSN trusted
11:52:38.0984 0x06a8 Alerter - ok
11:52:39.0140 0x06a8 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
11:52:39.0250 0x06a8 ALG - detected UnsignedFile.Multi.Generic ( 1 )
11:52:42.0015 0x06a8 Detect skipped due to KSN trusted
11:52:42.0015 0x06a8 ALG - ok
11:52:42.0156 0x06a8 AliIde - ok
11:52:42.0171 0x06a8 amsint - ok
11:52:42.0250 0x06a8 AppMgmt - ok
11:52:42.0281 0x06a8 asc - ok
11:52:42.0312 0x06a8 asc3350p - ok
11:52:42.0328 0x06a8 asc3550 - ok
11:52:42.0406 0x06a8 [ 05A56C3156E1B6CC7BBD8E1D54D491F2, 524F9D08FB4EBBEE63D25D7A9037FB4797B2ABB2C09AA7E477CB0108D6AFB1CF ] ASNDIS5 C:\WINDOWS\system32\ASNDIS5.SYS
11:52:42.0468 0x06a8 ASNDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
11:52:45.0234 0x06a8 Detect skipped due to KSN trusted
11:52:45.0234 0x06a8 ASNDIS5 - ok
11:52:45.0375 0x06a8 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:52:45.0484 0x06a8 aspnet_state - ok
11:52:45.0578 0x06a8 [ 9D23DE88C3B18BA87CD4587177CA6CEA, 46DBB867FC73E30320852F744F38B66906DD5B96C4EBB03F504CF33E867A8470 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
11:52:46.0109 0x06a8 aswHwid - ok
11:52:46.0203 0x06a8 [ 73A9014A9C4B19AA093DA05ED4246E27, F03C8433EB00229490BCD293CC97EF72452E156212D56C24BBA95C8E1B207D1A ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
11:52:46.0312 0x06a8 aswMonFlt - ok
11:52:46.0359 0x06a8 [ 0926775B8C3B32EE99921CCB0F85378E, 21A46B124B3E9F2569030E2DF591858B85AA640DDBB5C994B5C00A1E78C9EF67 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
11:52:46.0421 0x06a8 aswRdr - ok
11:52:46.0500 0x06a8 [ 6544697080421E62E97AAFBD0A8AA391, BB3F492BF828A147B82FDD1FC9EB9867D96DE0481554A59745D41C6BAB551700 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
11:52:46.0593 0x06a8 aswRvrt - ok
11:52:46.0796 0x06a8 [ E73CBE3420ECFA8FF7D0467E170E335D, B994342C92AE9167908B8CA3D03DC278E919C7073512461AFFD4C25E8D2D8D66 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
11:52:47.0046 0x06a8 aswSnx - ok
11:52:47.0156 0x06a8 [ 1624D5AD126B8AFE2B2E85E5B8364EB6, AB97A74C1CA9921F7753D98516D7E11750D5D3ACD143C83273B0B295625440A0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:52:47.0359 0x06a8 aswSP - ok
11:52:47.0437 0x06a8 [ C62E0261EC93B66151E5BAE83B61EE30, 502304CC323F17A85679F12A52E5B0AF8062652A9BBD9C4C1C62DE7C5C62556B ] aswTap C:\WINDOWS\system32\DRIVERS\aswTap.sys
11:52:47.0531 0x06a8 aswTap - ok
11:52:47.0562 0x06a8 [ 4C0ECF1AFA6992904814C74B99DD36F9, AA0D9BA7FE829888C636EC9D72E8E2D987A1C3FF092F95A38EC607CEE25A91F8 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
11:52:47.0640 0x06a8 aswTdi - ok
11:52:47.0734 0x06a8 [ 0EFBC2962B156E8AC267F96D4D93EF06, 8A69672CE8B68A0A683D583287473BFAB7CF8B9771C22E398607CF2A151C7124 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
11:52:47.0828 0x06a8 aswVmm - ok
11:52:47.0906 0x06a8 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:52:47.0953 0x06a8 AsyncMac - detected UnsignedFile.Multi.Generic ( 1 )
11:52:50.0781 0x06a8 Detect skipped due to KSN trusted
11:52:50.0781 0x06a8 AsyncMac - ok
11:52:50.0843 0x06a8 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:52:50.0890 0x06a8 atapi - detected UnsignedFile.Multi.Generic ( 1 )
11:52:53.0687 0x06a8 Detect skipped due to KSN trusted
11:52:53.0687 0x06a8 atapi - ok
11:52:53.0734 0x06a8 Atdisk - ok
11:52:53.0812 0x06a8 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:52:53.0890 0x06a8 Atmarpc - detected UnsignedFile.Multi.Generic ( 1 )
11:52:56.0687 0x06a8 Detect skipped due to KSN trusted
11:52:56.0687 0x06a8 Atmarpc - ok
11:52:56.0765 0x06a8 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:52:56.0843 0x06a8 AudioSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:52:59.0593 0x06a8 Detect skipped due to KSN trusted
11:52:59.0593 0x06a8 AudioSrv - ok
11:52:59.0718 0x06a8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:52:59.0812 0x06a8 audstub - detected UnsignedFile.Multi.Generic ( 1 )
11:53:02.0671 0x06a8 Detect skipped due to KSN trusted
11:53:02.0671 0x06a8 audstub - ok
11:53:02.0859 0x06a8 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:53:02.0921 0x06a8 avast! Antivirus - ok
11:53:02.0968 0x06a8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:53:03.0015 0x06a8 Beep - detected UnsignedFile.Multi.Generic ( 1 )
11:53:05.0859 0x06a8 Detect skipped due to KSN trusted
11:53:05.0859 0x06a8 Beep - ok
11:53:06.0093 0x06a8 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
11:53:06.0250 0x06a8 BITS - detected UnsignedFile.Multi.Generic ( 1 )
11:53:09.0015 0x06a8 Detect skipped due to KSN trusted
11:53:09.0015 0x06a8 BITS - ok
11:53:09.0078 0x06a8 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
11:53:09.0187 0x06a8 Browser - ok
11:53:09.0265 0x06a8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:53:09.0312 0x06a8 cbidf2k - detected UnsignedFile.Multi.Generic ( 1 )
11:53:12.0140 0x06a8 Detect skipped due to KSN trusted
11:53:12.0140 0x06a8 cbidf2k - ok
11:53:12.0296 0x06a8 [ FDC06E2ADA8C468EBB161624E03976CF, 94317DBE975A3EE918D3FC2C54B2D766FB4DBFEC5F85DCBA5F30BAF449673EE0 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:53:12.0437 0x06a8 CCDECODE - ok
11:53:12.0500 0x06a8 cd20xrnt - ok
11:53:12.0546 0x06a8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:53:12.0578 0x06a8 Cdaudio - detected UnsignedFile.Multi.Generic ( 1 )
11:53:15.0500 0x06a8 Detect skipped due to KSN trusted
11:53:15.0500 0x06a8 Cdaudio - ok
11:53:15.0546 0x06a8 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:53:15.0625 0x06a8 Cdfs - detected UnsignedFile.Multi.Generic ( 1 )
11:53:18.0375 0x06a8 Detect skipped due to KSN trusted
11:53:18.0375 0x06a8 Cdfs - ok
11:53:18.0656 0x06a8 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:53:18.0703 0x06a8 Cdrom - detected UnsignedFile.Multi.Generic ( 1 )
11:53:21.0531 0x06a8 Detect skipped due to KSN trusted
11:53:21.0531 0x06a8 Cdrom - ok
11:53:21.0546 0x06a8 Changer - ok
11:53:21.0671 0x06a8 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] cisvc C:\WINDOWS\system32\cisvc.exe
11:53:21.0796 0x06a8 cisvc - detected UnsignedFile.Multi.Generic ( 1 )
11:53:24.0562 0x06a8 Detect skipped due to KSN trusted
11:53:24.0562 0x06a8 cisvc - ok
11:53:24.0609 0x06a8 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:53:24.0703 0x06a8 ClipSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:53:27.0453 0x06a8 Detect skipped due to KSN trusted
11:53:27.0453 0x06a8 ClipSrv - ok
11:53:27.0531 0x06a8 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:53:27.0625 0x06a8 clr_optimization_v2.0.50727_32 - ok
11:53:27.0671 0x06a8 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:53:27.0734 0x06a8 CmBatt - detected UnsignedFile.Multi.Generic ( 1 )
11:53:30.0546 0x06a8 Detect skipped due to KSN trusted
11:53:30.0546 0x06a8 CmBatt - ok
11:53:30.0578 0x06a8 CmdIde - ok
11:53:30.0609 0x06a8 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:53:30.0687 0x06a8 Compbatt - detected UnsignedFile.Multi.Generic ( 1 )
11:53:33.0500 0x06a8 Detect skipped due to KSN trusted
11:53:33.0500 0x06a8 Compbatt - ok
11:53:33.0546 0x06a8 COMSysApp - ok
11:53:33.0593 0x06a8 Cpqarray - ok
11:53:33.0765 0x06a8 cpuz136 - ok
11:53:33.0828 0x06a8 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:53:33.0921 0x06a8 CryptSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:53:36.0687 0x06a8 Detect skipped due to KSN trusted
11:53:36.0687 0x06a8 CryptSvc - ok
11:53:36.0718 0x06a8 dac2w2k - ok
11:53:36.0734 0x06a8 dac960nt - ok
11:53:36.0937 0x06a8 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:53:37.0062 0x06a8 DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )
11:53:39.0812 0x06a8 Detect skipped due to KSN trusted
11:53:39.0812 0x06a8 DcomLaunch - ok
11:53:40.0000 0x06a8 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:53:40.0062 0x06a8 Dhcp - detected UnsignedFile.Multi.Generic ( 1 )
11:53:42.0812 0x06a8 Detect skipped due to KSN trusted
11:53:42.0812 0x06a8 Dhcp - ok
11:53:42.0859 0x06a8 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:53:42.0968 0x06a8 Disk - detected UnsignedFile.Multi.Generic ( 1 )
11:53:45.0734 0x06a8 Detect skipped due to KSN trusted
11:53:45.0734 0x06a8 Disk - ok
11:53:45.0796 0x06a8 dmadmin - ok
11:53:46.0078 0x06a8 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:53:46.0328 0x06a8 dmboot - detected UnsignedFile.Multi.Generic ( 1 )
11:53:49.0078 0x06a8 Detect skipped due to KSN trusted
11:53:49.0078 0x06a8 dmboot - ok
11:53:49.0187 0x06a8 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:53:49.0296 0x06a8 dmio - detected UnsignedFile.Multi.Generic ( 1 )
11:53:52.0125 0x06a8 Detect skipped due to KSN trusted
11:53:52.0125 0x06a8 dmio - ok
11:53:52.0250 0x06a8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:53:52.0328 0x06a8 dmload - detected UnsignedFile.Multi.Generic ( 1 )
11:53:55.0156 0x06a8 Detect skipped due to KSN trusted
11:53:55.0156 0x06a8 dmload - ok
11:53:55.0281 0x06a8 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:53:55.0328 0x06a8 dmserver - detected UnsignedFile.Multi.Generic ( 1 )
11:53:58.0125 0x06a8 Detect skipped due to KSN trusted
11:53:58.0125 0x06a8 dmserver - ok
11:53:58.0187 0x06a8 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:53:58.0281 0x06a8 DMusic - detected UnsignedFile.Multi.Generic ( 1 )
11:54:01.0062 0x06a8 Detect skipped due to KSN trusted
11:54:01.0062 0x06a8 DMusic - ok
11:54:01.0203 0x06a8 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:54:01.0312 0x06a8 Dnscache - ok
11:54:01.0453 0x06a8 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:54:01.0593 0x06a8 Dot3svc - detected UnsignedFile.Multi.Generic ( 1 )
11:54:04.0406 0x06a8 Detect skipped due to KSN trusted
11:54:04.0406 0x06a8 Dot3svc - ok
11:54:04.0421 0x06a8 dpti2o - ok
11:54:04.0484 0x06a8 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:54:04.0546 0x06a8 drmkaud - detected UnsignedFile.Multi.Generic ( 1 )
11:54:07.0296 0x06a8 Detect skipped due to KSN trusted
11:54:07.0296 0x06a8 drmkaud - ok
11:54:07.0421 0x06a8 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:54:07.0453 0x06a8 EapHost - detected UnsignedFile.Multi.Generic ( 1 )
11:54:10.0625 0x06a8 Detect skipped due to KSN trusted
11:54:10.0625 0x06a8 EapHost - ok
11:54:10.0734 0x06a8 [ 53660D1A4068109C9C1FB97CE83BEE35, F36FA8E969945401C025DDA459C8FA1ED5623AFD37BD4A3BC994356528CA7D76 ] EC168BDA C:\WINDOWS\system32\DRIVERS\EC168BDA.sys
11:54:10.0796 0x06a8 EC168BDA - detected UnsignedFile.Multi.Generic ( 1 )
11:54:13.0625 0x06a8 Detect skipped due to KSN trusted
11:54:13.0625 0x06a8 EC168BDA - ok
11:54:13.0812 0x06a8 [ EE236706228A5DF709DDD9BC1C6DAFD0, A2210EEA2FC543503BC703A89E3BE8AAA358DA392230579010852BA013F68355 ] EIO C:\WINDOWS\system32\drivers\EIO.sys
11:54:13.0859 0x06a8 EIO - detected UnsignedFile.Multi.Generic ( 1 )
11:54:16.0687 0x06a8 Detect skipped due to KSN trusted
11:54:16.0687 0x06a8 EIO - ok
11:54:16.0765 0x06a8 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:54:16.0828 0x06a8 ERSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:54:19.0656 0x06a8 Detect skipped due to KSN trusted
11:54:19.0656 0x06a8 ERSvc - ok
11:54:19.0781 0x06a8 [ 66742188777CCA93B0402792DC1F1058, 4FEC6917B0FF730651D0B33DEBB24495292AAFD86EF27E4DCA37364BBA4772E5 ] Ethpdrv C:\WINDOWS\system32\DRIVERS\ethpdrv.sys
11:54:19.0859 0x06a8 Ethpdrv - ok
11:54:19.0937 0x06a8 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
11:54:20.0062 0x06a8 Eventlog - detected UnsignedFile.Multi.Generic ( 1 )
11:54:22.0843 0x06a8 Detect skipped due to KSN trusted
11:54:22.0843 0x06a8 Eventlog - ok
11:54:22.0953 0x06a8 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
11:54:23.0078 0x06a8 EventSystem - detected UnsignedFile.Multi.Generic ( 1 )
11:54:25.0859 0x06a8 Detect skipped due to KSN trusted
11:54:25.0859 0x06a8 EventSystem - ok
11:54:25.0953 0x06a8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:54:26.0062 0x06a8 Fastfat - detected UnsignedFile.Multi.Generic ( 1 )
11:54:28.0890 0x06a8 Detect skipped due to KSN trusted
11:54:28.0890 0x06a8 Fastfat - ok
11:54:29.0046 0x06a8 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:54:29.0171 0x06a8 FastUserSwitchingCompatibility - ok
11:54:29.0203 0x06a8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:54:29.0218 0x06a8 Fdc - detected UnsignedFile.Multi.Generic ( 1 )
11:54:32.0000 0x06a8 Detect skipped due to KSN trusted
11:54:32.0000 0x06a8 Fdc - ok
11:54:32.0140 0x06a8 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:54:32.0218 0x06a8 Fips - detected UnsignedFile.Multi.Generic ( 1 )
11:54:35.0046 0x06a8 Detect skipped due to KSN trusted
11:54:35.0046 0x06a8 Fips - ok
11:54:35.0093 0x06a8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:54:35.0156 0x06a8 Flpydisk - detected UnsignedFile.Multi.Generic ( 1 )
11:54:37.0921 0x06a8 Detect skipped due to KSN trusted
11:54:37.0921 0x06a8 Flpydisk - ok
11:54:38.0031 0x06a8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:54:38.0156 0x06a8 FltMgr - detected UnsignedFile.Multi.Generic ( 1 )
11:54:40.0968 0x06a8 Detect skipped due to KSN trusted
11:54:40.0968 0x06a8 FltMgr - ok
11:54:41.0156 0x06a8 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:54:41.0187 0x06a8 FontCache3.0.0.0 - ok
11:54:41.0234 0x06a8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:54:41.0281 0x06a8 Fs_Rec - detected UnsignedFile.Multi.Generic ( 1 )
11:54:44.0093 0x06a8 Detect skipped due to KSN trusted
11:54:44.0093 0x06a8 Fs_Rec - ok
11:54:44.0234 0x06a8 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:54:44.0328 0x06a8 Ftdisk - detected UnsignedFile.Multi.Generic ( 1 )
11:54:47.0093 0x06a8 Detect skipped due to KSN trusted
11:54:47.0093 0x06a8 Ftdisk - ok
11:54:47.0218 0x06a8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:54:47.0312 0x06a8 Gpc - detected UnsignedFile.Multi.Generic ( 1 )
11:54:50.0109 0x06a8 Detect skipped due to KSN trusted
11:54:50.0109 0x06a8 Gpc - ok
11:54:50.0359 0x06a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:50.0500 0x06a8 gupdate - ok
11:54:50.0515 0x06a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:50.0609 0x06a8 gupdatem - ok
11:54:50.0671 0x06a8 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:54:50.0781 0x06a8 HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
11:54:53.0562 0x06a8 Detect skipped due to KSN trusted
11:54:53.0562 0x06a8 HDAudBus - ok
11:54:53.0625 0x06a8 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:54:53.0734 0x06a8 helpsvc - detected UnsignedFile.Multi.Generic ( 1 )
11:54:56.0656 0x06a8 Detect skipped due to KSN trusted
11:54:56.0656 0x06a8 helpsvc - ok
11:54:56.0718 0x06a8 HidServ - ok
11:54:56.0843 0x06a8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:54:56.0906 0x06a8 HidUsb - detected UnsignedFile.Multi.Generic ( 1 )
11:54:59.0734 0x06a8 Detect skipped due to KSN trusted
11:54:59.0734 0x06a8 HidUsb - ok
11:54:59.0906 0x06a8 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:54:59.0968 0x06a8 hkmsvc - detected UnsignedFile.Multi.Generic ( 1 )
11:55:02.0734 0x06a8 Detect skipped due to KSN trusted
11:55:02.0734 0x06a8 hkmsvc - ok
11:55:02.0750 0x06a8 hpn - ok
11:55:02.0921 0x06a8 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:55:03.0140 0x06a8 HTTP - ok
11:55:03.0218 0x06a8 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:55:03.0281 0x06a8 HTTPFilter - detected UnsignedFile.Multi.Generic ( 1 )
11:55:06.0093 0x06a8 Detect skipped due to KSN trusted
11:55:06.0093 0x06a8 HTTPFilter - ok
11:55:06.0109 0x06a8 i2omgmt - ok
11:55:06.0140 0x06a8 i2omp - ok
11:55:06.0265 0x06a8 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:55:06.0312 0x06a8 i8042prt - detected UnsignedFile.Multi.Generic ( 1 )
11:55:09.0125 0x06a8 Detect skipped due to KSN trusted
11:55:09.0125 0x06a8 i8042prt - ok
11:55:09.0375 0x06a8 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:55:09.0625 0x06a8 idsvc - ok
11:55:09.0671 0x06a8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:55:09.0750 0x06a8 Imapi - detected UnsignedFile.Multi.Generic ( 1 )
11:55:14.0515 0x06a8 Detect skipped due to KSN trusted
11:55:14.0515 0x06a8 Imapi - ok
11:55:14.0593 0x06a8 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:55:14.0734 0x06a8 ImapiService - detected UnsignedFile.Multi.Generic ( 1 )
11:55:17.0562 0x06a8 Detect skipped due to KSN trusted
11:55:17.0562 0x06a8 ImapiService - ok
11:55:17.0593 0x06a8 ini910u - ok
11:55:18.0390 0x06a8 [ 60D7460B07012D364CED11DD9FD83E1F, 6140CD9DA6EB99CBC0C6F02D696A5C375DD4FA004D649741FAD47F09386A8143 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:55:19.0218 0x06a8 IntcAzAudAddService - ok
11:55:19.0390 0x06a8 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:55:19.0484 0x06a8 intelppm - detected UnsignedFile.Multi.Generic ( 1 )
11:55:22.0250 0x06a8 Detect skipped due to KSN trusted
11:55:22.0250 0x06a8 intelppm - ok
11:55:22.0421 0x06a8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:55:22.0484 0x06a8 Ip6Fw - detected UnsignedFile.Multi.Generic ( 1 )
11:55:25.0312 0x06a8 Detect skipped due to KSN trusted
11:55:25.0312 0x06a8 Ip6Fw - ok
11:55:25.0453 0x06a8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:55:25.0515 0x06a8 IpFilterDriver - detected UnsignedFile.Multi.Generic ( 1 )
11:55:28.0343 0x06a8 Detect skipped due to KSN trusted
11:55:28.0343 0x06a8 IpFilterDriver - ok
11:55:28.0421 0x06a8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:55:28.0500 0x06a8 IpInIp - detected UnsignedFile.Multi.Generic ( 1 )
11:55:31.0281 0x06a8 Detect skipped due to KSN trusted
11:55:31.0281 0x06a8 IpInIp - ok
11:55:31.0390 0x06a8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:55:31.0500 0x06a8 IpNat - detected UnsignedFile.Multi.Generic ( 1 )
11:55:34.0281 0x06a8 Detect skipped due to KSN trusted
11:55:34.0281 0x06a8 IpNat - ok
11:55:34.0328 0x06a8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:55:34.0406 0x06a8 IPSec - detected UnsignedFile.Multi.Generic ( 1 )
11:55:37.0218 0x06a8 Detect skipped due to KSN trusted
11:55:37.0218 0x06a8 IPSec - ok
11:55:37.0265 0x06a8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:55:37.0343 0x06a8 IRENUM - detected UnsignedFile.Multi.Generic ( 1 )
11:55:40.0156 0x06a8 Detect skipped due to KSN trusted
11:55:40.0156 0x06a8 IRENUM - ok
11:55:40.0296 0x06a8 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:55:40.0359 0x06a8 isapnp - detected UnsignedFile.Multi.Generic ( 1 )
11:55:44.0937 0x06a8 Detect skipped due to KSN trusted
11:55:44.0937 0x06a8 isapnp - ok
11:55:45.0062 0x06a8 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:55:45.0125 0x06a8 Kbdclass - detected UnsignedFile.Multi.Generic ( 1 )
11:55:47.0890 0x06a8 Detect skipped due to KSN trusted
11:55:47.0890 0x06a8 Kbdclass - ok
11:55:47.0937 0x06a8 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:55:47.0984 0x06a8 kbdhid - detected UnsignedFile.Multi.Generic ( 1 )
11:55:50.0812 0x06a8 Detect skipped due to KSN trusted
11:55:50.0812 0x06a8 kbdhid - ok
11:55:50.0984 0x06a8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:55:51.0078 0x06a8 kmixer - detected UnsignedFile.Multi.Generic ( 1 )
11:55:53.0890 0x06a8 Detect skipped due to KSN trusted
11:55:53.0890 0x06a8 kmixer - ok
11:55:54.0031 0x06a8 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:55:54.0156 0x06a8 KSecDD - ok
11:55:54.0250 0x06a8 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:55:54.0437 0x06a8 lanmanserver - ok
11:55:54.0531 0x06a8 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:55:54.0609 0x06a8 lanmanworkstation - detected UnsignedFile.Multi.Generic ( 1 )
11:55:57.0421 0x06a8 Detect skipped due to KSN trusted
11:55:57.0421 0x06a8 lanmanworkstation - ok
11:55:57.0453 0x06a8 lbrtfdc - ok
11:55:57.0500 0x06a8 [ 4DD47B5AF0B24871EBB9EFC012A7474E, D35F979787C6B6654D5D6E4D0C1433FCB7B3FF9512B03330B3ADB8F052314296 ] LgBttPort C:\WINDOWS\system32\DRIVERS\lgbtport.sys
11:55:57.0625 0x06a8 LgBttPort - ok
11:55:57.0687 0x06a8 [ 1D038CA6C529203087A990E5E97887B4, 71C6FF0AC29C61513A9AB64DF43AD4360116C91204DD69BA2B0CBAA3E26FB436 ] lgbusenum C:\WINDOWS\system32\DRIVERS\lgbtbus.sys
11:55:57.0781 0x06a8 lgbusenum - ok
11:55:57.0828 0x06a8 [ 54FEC13B60914784AA06685F352AED70, 257EE2A7ABCDD39C3D7673D5F9867257973D61B905427A00FDD6EF7C7ED95B7E ] lgmdbus C:\WINDOWS\system32\DRIVERS\lgmdbus.sys
11:55:57.0921 0x06a8 lgmdbus - ok
11:55:57.0953 0x06a8 [ 97B52613F0B621FC9EAE007668DA7B01, B46E101D8F1CBA7EC39FA5FEA574081A5BE54FB39121E186924DA3E45771F8C1 ] lgmdmdfl C:\WINDOWS\system32\DRIVERS\lgmdmdfl.sys
11:55:58.0015 0x06a8 lgmdmdfl - ok
11:55:58.0078 0x06a8 [ B9CC203836509083D8BE07B6A5B40862, 2218F496BF66DD6AC85A52255378E8E07D1CDE3A41823C7AC48A243C176BCA0D ] lgmdmdm C:\WINDOWS\system32\DRIVERS\lgmdmdm.sys
11:55:58.0156 0x06a8 lgmdmdm - ok
11:55:58.0203 0x06a8 [ B5E3263CA8173F9619075898DF5D4718, CFE53EBCFE7B1C8B0AB1374971716F94ED42F57DDB2D77F0FB60EDE3C8AC15B1 ] lgmdmgmt C:\WINDOWS\system32\DRIVERS\lgmdmgmt.sys
11:55:58.0250 0x06a8 lgmdmgmt - ok
11:55:58.0296 0x06a8 [ A218C22FD0C4B8AC3CE38E08D1AC9E88, D755CAF8737C65FE4FEFF7C02E1BC0C0FBC5830B20B329E868E2AA05DC2C2183 ] lgmdobex C:\WINDOWS\system32\DRIVERS\lgmdobex.sys
11:55:58.0375 0x06a8 lgmdobex - ok
11:55:58.0421 0x06a8 [ 26F1976A330195D62A6224C76968CF0D, C47B9F2B52D1721543481E213281487E76694C1C5485432DDC35D01DCE8B8E4D ] LGVMODEM C:\WINDOWS\system32\DRIVERS\lgvmodem.sys
11:55:58.0515 0x06a8 LGVMODEM - ok
11:55:58.0640 0x06a8 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:55:58.0687 0x06a8 LmHosts - detected UnsignedFile.Multi.Generic ( 1 )
11:56:01.0468 0x06a8 Detect skipped due to KSN trusted
11:56:01.0468 0x06a8 LmHosts - ok
11:56:01.0578 0x06a8 [ 0BEFA983F8B9511EADD6960DD13E9FBF, 7CB0E72F56B02B2D074ED70F591A9730A31A7F0156568506FCEAE3E98546CBE6 ] LPDSVC C:\WINDOWS\system32\tcpsvcs.exe
11:56:01.0640 0x06a8 LPDSVC - detected UnsignedFile.Multi.Generic ( 1 )
11:56:04.0500 0x06a8 Detect skipped due to KSN trusted
11:56:04.0500 0x06a8 LPDSVC - ok
11:56:04.0734 0x06a8 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:56:04.0796 0x06a8 Messenger - detected UnsignedFile.Multi.Generic ( 1 )
11:56:07.0562 0x06a8 Detect skipped due to KSN trusted
11:56:07.0562 0x06a8 Messenger - ok
11:56:07.0593 0x06a8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:56:07.0625 0x06a8 mnmdd - detected UnsignedFile.Multi.Generic ( 1 )
11:56:10.0562 0x06a8 Detect skipped due to KSN trusted
11:56:10.0562 0x06a8 mnmdd - ok
11:56:10.0703 0x06a8 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:56:10.0750 0x06a8 mnmsrvc - detected UnsignedFile.Multi.Generic ( 1 )
11:56:13.0578 0x06a8 Detect skipped due to KSN trusted
11:56:13.0578 0x06a8 mnmsrvc - ok
11:56:13.0625 0x06a8 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:56:13.0703 0x06a8 Modem - detected UnsignedFile.Multi.Generic ( 1 )
11:56:16.0531 0x06a8 Detect skipped due to KSN trusted
11:56:16.0531 0x06a8 Modem - ok
11:56:16.0578 0x06a8 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:56:16.0593 0x06a8 Mouclass - detected UnsignedFile.Multi.Generic ( 1 )
11:56:19.0359 0x06a8 Detect skipped due to KSN trusted
11:56:19.0359 0x06a8 Mouclass - ok
11:56:19.0406 0x06a8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:56:19.0468 0x06a8 MountMgr - detected UnsignedFile.Multi.Generic ( 1 )
11:56:22.0312 0x06a8 Detect skipped due to KSN trusted
11:56:22.0312 0x06a8 MountMgr - ok
11:56:22.0500 0x06a8 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:56:22.0593 0x06a8 MozillaMaintenance - ok
11:56:22.0656 0x06a8 [ 83EFF7B976AE24F1A496CA94A8A19919, 5E496781069A5BD99DEBC3CA07E0DB03AAF7A377F6CC878FB06D4130D53ACC09 ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
11:56:22.0796 0x06a8 MPE - ok
11:56:22.0828 0x06a8 mraid35x - ok
11:56:22.0953 0x06a8 [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
11:56:23.0000 0x06a8 MREMP50 - detected UnsignedFile.Multi.Generic ( 1 )
11:56:29.0375 0x06a8 Detect skipped due to KSN trusted
11:56:29.0375 0x06a8 MREMP50 - ok
11:56:29.0437 0x06a8 [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
11:56:29.0515 0x06a8 MRESP50 - detected UnsignedFile.Multi.Generic ( 1 )
11:56:32.0437 0x06a8 Detect skipped due to KSN trusted
11:56:32.0437 0x06a8 MRESP50 - ok
11:56:32.0531 0x06a8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:56:32.0609 0x06a8 MRxDAV - detected UnsignedFile.Multi.Generic ( 1 )
11:56:35.0343 0x06a8 Detect skipped due to KSN trusted
11:56:35.0343 0x06a8 MRxDAV - ok
11:56:35.0484 0x06a8 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:56:35.0703 0x06a8 MRxSmb - ok
11:56:35.0781 0x06a8 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:56:35.0843 0x06a8 MSDTC - detected UnsignedFile.Multi.Generic ( 1 )
11:56:38.0609 0x06a8 Detect skipped due to KSN trusted
11:56:38.0609 0x06a8 MSDTC - ok
11:56:38.0671 0x06a8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:56:38.0765 0x06a8 Msfs - detected UnsignedFile.Multi.Generic ( 1 )
11:56:42.0093 0x06a8 Detect skipped due to KSN trusted
11:56:42.0093 0x06a8 Msfs - ok
11:56:42.0250 0x06a8 MSIServer - ok
11:56:42.0343 0x06a8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:56:42.0390 0x06a8 MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 )
11:56:45.0218 0x06a8 Detect skipped due to KSN trusted
11:56:45.0218 0x06a8 MSKSSRV - ok
11:56:45.0281 0x06a8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:56:45.0312 0x06a8 MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
11:56:48.0140 0x06a8 Detect skipped due to KSN trusted
11:56:48.0140 0x06a8 MSPCLOCK - ok
11:56:48.0265 0x06a8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:56:48.0359 0x06a8 MSPQM - detected UnsignedFile.Multi.Generic ( 1 )
11:56:51.0140 0x06a8 Detect skipped due to KSN trusted
11:56:51.0140 0x06a8 MSPQM - ok
11:56:51.0171 0x06a8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:56:51.0250 0x06a8 mssmbios - detected UnsignedFile.Multi.Generic ( 1 )
11:56:54.0015 0x06a8 Detect skipped due to KSN trusted
11:56:54.0015 0x06a8 mssmbios - ok
11:56:54.0125 0x06a8 [ D5059366B361F0E1124753447AF08AA2, D551D7DF5736847CAF1C7C48470035A4AABC6FB7CF7512DB11C6C9C9898D83ED ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:56:54.0171 0x06a8 MSTEE - ok
11:56:54.0234 0x06a8 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:56:54.0343 0x06a8 Mup - ok
11:56:54.0406 0x06a8 [ AC31B352CE5E92704056D409834BEB74, FB000EA253475ABC5B6938AAA3E7A0405E81D3A282485B7F74EA9A4E77563308 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:56:54.0468 0x06a8 NABTSFEC - ok
11:56:54.0609 0x06a8 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
11:56:54.0703 0x06a8 napagent - detected UnsignedFile.Multi.Generic ( 1 )
11:56:57.0515 0x06a8 Detect skipped due to KSN trusted
11:56:57.0515 0x06a8 napagent - ok
11:56:57.0593 0x06a8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:56:57.0718 0x06a8 NDIS - detected UnsignedFile.Multi.Generic ( 1 )
11:57:00.0484 0x06a8 Detect skipped due to KSN trusted
11:57:00.0484 0x06a8 NDIS - ok
11:57:00.0609 0x06a8 [ ABD7629CF2796250F315C1DD0B6CF7A0, E880DA5DDD381ABED5BF2C3B8CB387842301B52EBF29173383D618F5961F36F7 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:57:00.0671 0x06a8 NdisIP - ok
11:57:00.0718 0x06a8 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:57:00.0843 0x06a8 NdisTapi - ok
11:57:00.0921 0x06a8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:57:01.0000 0x06a8 Ndisuio - detected UnsignedFile.Multi.Generic ( 1 )
11:57:03.0765 0x06a8 Detect skipped due to KSN trusted
11:57:03.0765 0x06a8 Ndisuio - ok
11:57:03.0812 0x06a8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:57:03.0906 0x06a8 NdisWan - detected UnsignedFile.Multi.Generic ( 1 )
11:57:06.0734 0x06a8 Detect skipped due to KSN trusted
11:57:06.0734 0x06a8 NdisWan - ok
11:57:06.0796 0x06a8 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:57:06.0906 0x06a8 NDProxy - ok
11:57:06.0953 0x06a8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:57:06.0984 0x06a8 NetBIOS - detected UnsignedFile.Multi.Generic ( 1 )
11:57:09.0796 0x06a8 Detect skipped due to KSN trusted
11:57:09.0796 0x06a8 NetBIOS - ok
11:57:09.0953 0x06a8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:57:10.0015 0x06a8 NetBT - detected UnsignedFile.Multi.Generic ( 1 )
11:57:12.0781 0x06a8 Detect skipped due to KSN trusted
11:57:12.0781 0x06a8 NetBT - ok
11:57:12.0937 0x06a8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
11:57:13.0000 0x06a8 NetDDE - detected UnsignedFile.Multi.Generic ( 1 )
11:57:15.0765 0x06a8 Detect skipped due to KSN trusted
11:57:15.0765 0x06a8 NetDDE - ok
11:57:15.0781 0x06a8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:57:15.0812 0x06a8 NetDDEdsdm - detected UnsignedFile.Multi.Generic ( 1 )
11:57:15.0812 0x06a8 Detect skipped due to KSN trusted
11:57:15.0812 0x06a8 NetDDEdsdm - ok
11:57:15.0906 0x06a8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:57:15.0968 0x06a8 Netlogon - detected UnsignedFile.Multi.Generic ( 1 )
11:57:18.0718 0x06a8 Detect skipped due to KSN trusted
11:57:18.0718 0x06a8 Netlogon - ok
11:57:18.0906 0x06a8 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
11:57:19.0000 0x06a8 Netman - detected UnsignedFile.Multi.Generic ( 1 )
11:57:21.0812 0x06a8 Detect skipped due to KSN trusted
11:57:21.0812 0x06a8 Netman - ok
11:57:21.0968 0x06a8 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:57:22.0031 0x06a8 NetTcpPortSharing - ok
11:57:22.0156 0x06a8 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
11:57:22.0296 0x06a8 Nla - ok
11:57:22.0390 0x06a8 [ 1E421A6BCF2203CC61B821ADA9DE878B, C658F1D5DCE7525CF929C65C46AB2881C99D89BF8F0F61C1D440C9D9BFB2F89F ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
11:57:22.0437 0x06a8 nm - detected UnsignedFile.Multi.Generic ( 1 )
11:57:25.0234 0x06a8 Detect skipped due to KSN trusted
11:57:25.0234 0x06a8 nm - ok
11:57:25.0359 0x06a8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:57:25.0421 0x06a8 Npfs - detected UnsignedFile.Multi.Generic ( 1 )
11:57:28.0250 0x06a8 Detect skipped due to KSN trusted
11:57:28.0250 0x06a8 Npfs - ok
11:57:28.0484 0x06a8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:57:28.0656 0x06a8 Ntfs - detected UnsignedFile.Multi.Generic ( 1 )
11:57:31.0484 0x06a8 Detect skipped due to KSN trusted
11:57:31.0484 0x06a8 Ntfs - ok
11:57:31.0515 0x06a8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:57:31.0656 0x06a8 NtLmSsp - detected UnsignedFile.Multi.Generic ( 1 )
11:57:31.0656 0x06a8 Detect skipped due to KSN trusted
11:57:31.0656 0x06a8 NtLmSsp - ok
11:57:31.0781 0x06a8 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:57:31.0906 0x06a8 NtmsSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:57:34.0671 0x06a8 Detect skipped due to KSN trusted
11:57:34.0671 0x06a8 NtmsSvc - ok
11:57:34.0703 0x06a8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:57:34.0734 0x06a8 Null - detected UnsignedFile.Multi.Generic ( 1 )
11:57:37.0546 0x06a8 Detect skipped due to KSN trusted
11:57:37.0546 0x06a8 Null - ok
11:57:37.0687 0x06a8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:57:37.0718 0x06a8 NwlnkFlt - detected UnsignedFile.Multi.Generic ( 1 )
11:57:40.0531 0x06a8 Detect skipped due to KSN trusted
11:57:40.0531 0x06a8 NwlnkFlt - ok
11:57:40.0546 0x06a8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:57:40.0625 0x06a8 NwlnkFwd - detected UnsignedFile.Multi.Generic ( 1 )
11:57:43.0390 0x06a8 Detect skipped due to KSN trusted
11:57:43.0390 0x06a8 NwlnkFwd - ok
11:57:43.0546 0x06a8 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
11:57:43.0609 0x06a8 Parport - detected UnsignedFile.Multi.Generic ( 1 )
11:57:46.0437 0x06a8 Detect skipped due to KSN trusted
11:57:46.0437 0x06a8 Parport - ok
11:57:46.0484 0x06a8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:57:46.0515 0x06a8 PartMgr - detected UnsignedFile.Multi.Generic ( 1 )
11:57:49.0281 0x06a8 Detect skipped due to KSN trusted
11:57:49.0281 0x06a8 PartMgr - ok
11:57:49.0343 0x06a8 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:57:49.0390 0x06a8 ParVdm - detected UnsignedFile.Multi.Generic ( 1 )
11:57:52.0312 0x06a8 Detect skipped due to KSN trusted
11:57:52.0312 0x06a8 ParVdm - ok
11:57:52.0343 0x06a8 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:57:52.0406 0x06a8 PCI - detected UnsignedFile.Multi.Generic ( 1 )
11:57:55.0187 0x06a8 Detect skipped due to KSN trusted
11:57:55.0187 0x06a8 PCI - ok
11:57:55.0203 0x06a8 PCIDump - ok
11:57:55.0234 0x06a8 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:57:55.0296 0x06a8 PCIIde - detected UnsignedFile.Multi.Generic ( 1 )
11:57:58.0125 0x06a8 Detect skipped due to KSN trusted
11:57:58.0125 0x06a8 PCIIde - ok
11:57:58.0171 0x06a8 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:57:58.0281 0x06a8 Pcmcia - detected UnsignedFile.Multi.Generic ( 1 )
11:58:01.0046 0x06a8 Detect skipped due to KSN trusted
11:58:01.0046 0x06a8 Pcmcia - ok
11:58:01.0062 0x06a8 PDCOMP - ok
11:58:01.0093 0x06a8 PDFRAME - ok
11:58:01.0109 0x06a8 PDRELI - ok
11:58:01.0140 0x06a8 PDRFRAME - ok
11:58:01.0171 0x06a8 perc2 - ok
11:58:01.0187 0x06a8 perc2hib - ok
11:58:01.0375 0x06a8 [ 2C1EB94C24A6A1D3434481B0A5FA9C08, 2FF74D87B77DF3DC0ACC9425AD0214D80AE36C90D1338AFEAE0B8E8183343830 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
11:58:01.0437 0x06a8 pfc - detected UnsignedFile.Multi.Generic ( 1 )
11:58:06.0812 0x06a8 Detect skipped due to KSN trusted
11:58:06.0812 0x06a8 pfc - ok
11:58:06.0890 0x06a8 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
11:58:06.0953 0x06a8 PlugPlay - detected UnsignedFile.Multi.Generic ( 1 )
11:58:06.0953 0x06a8 Detect skipped due to KSN trusted
11:58:06.0953 0x06a8 PlugPlay - ok
11:58:07.0000 0x06a8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:58:07.0015 0x06a8 PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
11:58:07.0015 0x06a8 Detect skipped due to KSN trusted
11:58:07.0015 0x06a8 PolicyAgent - ok
11:58:07.0078 0x06a8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:58:07.0140 0x06a8 PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 )
11:58:09.0906 0x06a8 Detect skipped due to KSN trusted
11:58:09.0906 0x06a8 PptpMiniport - ok
11:58:09.0953 0x06a8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:58:09.0968 0x06a8 ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 )
11:58:09.0968 0x06a8 Detect skipped due to KSN trusted
11:58:09.0968 0x06a8 ProtectedStorage - ok
11:58:10.0015 0x06a8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:58:10.0078 0x06a8 PSched - detected UnsignedFile.Multi.Generic ( 1 )
11:58:14.0265 0x06a8 Detect skipped due to KSN trusted
11:58:14.0265 0x06a8 PSched - ok
11:58:14.0296 0x06a8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:58:14.0406 0x06a8 Ptilink - detected UnsignedFile.Multi.Generic ( 1 )
11:58:17.0234 0x06a8 Detect skipped due to KSN trusted
11:58:17.0234 0x06a8 Ptilink - ok
11:58:17.0265 0x06a8 ql1080 - ok
11:58:17.0281 0x06a8 Ql10wnt - ok
11:58:17.0312 0x06a8 ql12160 - ok
11:58:17.0328 0x06a8 ql1240 - ok
11:58:17.0359 0x06a8 ql1280 - ok
11:58:17.0406 0x06a8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:58:17.0421 0x06a8 RasAcd - detected UnsignedFile.Multi.Generic ( 1 )
11:58:20.0203 0x06a8 Detect skipped due to KSN trusted
11:58:20.0203 0x06a8 RasAcd - ok
11:58:20.0343 0x06a8 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:58:20.0421 0x06a8 RasAuto - detected UnsignedFile.Multi.Generic ( 1 )
11:58:23.0218 0x06a8 Detect skipped due to KSN trusted
11:58:23.0218 0x06a8 RasAuto - ok
11:58:23.0265 0x06a8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:58:23.0328 0x06a8 Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 )
11:58:26.0078 0x06a8 Detect skipped due to KSN trusted
11:58:26.0078 0x06a8 Rasl2tp - ok
11:58:26.0312 0x06a8 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:58:26.0421 0x06a8 RasMan - detected UnsignedFile.Multi.Generic ( 1 )
11:58:29.0359 0x06a8 Detect skipped due to KSN trusted
11:58:29.0359 0x06a8 RasMan - ok
11:58:29.0406 0x06a8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:58:29.0437 0x06a8 RasPppoe - detected UnsignedFile.Multi.Generic ( 1 )
11:58:32.0203 0x06a8 Detect skipped due to KSN trusted
11:58:32.0203 0x06a8 RasPppoe - ok
11:58:32.0234 0x06a8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:58:32.0390 0x06a8 Raspti - detected UnsignedFile.Multi.Generic ( 1 )
11:58:35.0140 0x06a8 Detect skipped due to KSN trusted
11:58:35.0140 0x06a8 Raspti - ok
11:58:35.0203 0x06a8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:58:35.0281 0x06a8 Rdbss - detected UnsignedFile.Multi.Generic ( 1 )
11:58:38.0046 0x06a8 Detect skipped due to KSN trusted
11:58:38.0046 0x06a8 Rdbss - ok
11:58:38.0093 0x06a8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:58:38.0156 0x06a8 RDPCDD - detected UnsignedFile.Multi.Generic ( 1 )
11:58:40.0906 0x06a8 Detect skipped due to KSN trusted
11:58:40.0906 0x06a8 RDPCDD - ok
11:58:41.0000 0x06a8 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:58:41.0109 0x06a8 RDPWD - ok
11:58:41.0203 0x06a8 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:58:41.0312 0x06a8 RDSessMgr - detected UnsignedFile.Multi.Generic ( 1 )
11:58:44.0156 0x06a8 Detect skipped due to KSN trusted
11:58:44.0156 0x06a8 RDSessMgr - ok
11:58:44.0281 0x06a8 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:58:44.0343 0x06a8 redbook - detected UnsignedFile.Multi.Generic ( 1 )
11:58:47.0125 0x06a8 Detect skipped due to KSN trusted
11:58:47.0125 0x06a8 redbook - ok
11:58:47.0296 0x06a8 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:58:47.0359 0x06a8 RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
11:58:50.0281 0x06a8 Detect skipped due to KSN trusted
11:58:50.0281 0x06a8 RemoteAccess - ok
11:58:50.0468 0x06a8 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:58:50.0546 0x06a8 RpcLocator - detected UnsignedFile.Multi.Generic ( 1 )
11:59:00.0640 0x06a8 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
11:59:05.0437 0x06a8 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:59:05.0562 0x06a8 RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
11:59:05.0562 0x06a8 Detect skipped due to KSN trusted
11:59:05.0562 0x06a8 RpcSs - ok
11:59:05.0625 0x06a8 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:59:05.0734 0x06a8 RSVP - detected UnsignedFile.Multi.Generic ( 1 )
11:59:08.0562 0x06a8 Detect skipped due to KSN trusted
11:59:08.0562 0x06a8 RSVP - ok
11:59:08.0687 0x06a8 [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:59:08.0718 0x06a8 rtl8139 - detected UnsignedFile.Multi.Generic ( 1 )
11:59:11.0484 0x06a8 Detect skipped due to KSN trusted
11:59:11.0484 0x06a8 rtl8139 - ok
11:59:11.0609 0x06a8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
11:59:11.0640 0x06a8 SamSs - detected UnsignedFile.Multi.Generic ( 1 )
11:59:11.0640 0x06a8 Detect skipped due to KSN trusted
11:59:11.0640 0x06a8 SamSs - ok
11:59:11.0765 0x06a8 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:59:11.0812 0x06a8 SASDIFSV - ok
11:59:11.0828 0x06a8 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:59:11.0890 0x06a8 SASKUTIL - ok
11:59:12.0000 0x06a8 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:59:12.0046 0x06a8 SCardSvr - detected UnsignedFile.Multi.Generic ( 1 )
11:59:14.0859 0x06a8 Detect skipped due to KSN trusted
11:59:14.0859 0x06a8 SCardSvr - ok
11:59:15.0046 0x06a8 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:59:15.0109 0x06a8 Schedule - detected UnsignedFile.Multi.Generic ( 1 )
11:59:17.0890 0x06a8 Detect skipped due to KSN trusted
11:59:17.0890 0x06a8 Schedule - ok
11:59:17.0937 0x06a8 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
11:59:17.0968 0x06a8 sdbus - detected UnsignedFile.Multi.Generic ( 1 )
11:59:20.0812 0x06a8 Detect skipped due to KSN trusted
11:59:20.0812 0x06a8 sdbus - ok
11:59:20.0953 0x06a8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:59:21.0015 0x06a8 Secdrv - detected UnsignedFile.Multi.Generic ( 1 )
11:59:23.0828 0x06a8 Detect skipped due to KSN trusted
11:59:23.0828 0x06a8 Secdrv - ok
11:59:23.0937 0x06a8 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:59:23.0968 0x06a8 seclogon - detected UnsignedFile.Multi.Generic ( 1 )
11:59:26.0750 0x06a8 Detect skipped due to KSN trusted
11:59:26.0750 0x06a8 seclogon - ok
11:59:26.0812 0x06a8 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
11:59:26.0937 0x06a8 SENS - detected UnsignedFile.Multi.Generic ( 1 )
11:59:29.0703 0x06a8 Detect skipped due to KSN trusted
11:59:29.0703 0x06a8 SENS - ok
11:59:29.0843 0x06a8 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:59:29.0875 0x06a8 Serial - detected UnsignedFile.Multi.Generic ( 1 )
11:59:32.0687 0x06a8 Detect skipped due to KSN trusted
11:59:32.0687 0x06a8 Serial - ok
11:59:32.0843 0x06a8 [ 4C0D673281178CB496011A2E28571FC8, 14CFB50F3EA987C4485475B2E5EC85C137949911495245F29FE64723C909C9E8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
11:59:32.0875 0x06a8 sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 )
11:59:35.0640 0x06a8 Detect skipped due to KSN trusted
11:59:35.0640 0x06a8 sfdrv01 - ok
11:59:35.0796 0x06a8 [ 15BE2B5E4DC5B8623CF167720682ABC9, FAECDC0DCB6EACE8130B278E2FB84B9523AB10329A00B24043B9C76867B917F0 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
11:59:35.0875 0x06a8 sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 )
11:59:38.0703 0x06a8 Detect skipped due to KSN trusted
11:59:38.0703 0x06a8 sfhlp02 - ok
11:59:38.0750 0x06a8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:59:38.0796 0x06a8 Sfloppy - detected UnsignedFile.Multi.Generic ( 1 )
11:59:41.0546 0x06a8 Detect skipped due to KSN trusted
11:59:41.0546 0x06a8 Sfloppy - ok
11:59:41.0578 0x06a8 [ D5A7E09D2C6A702809E49190D52ADC9F, 7B3226A7C8C954A04B4543AFAA3079AA9A306E00CBD81346F952B40804608A87 ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
11:59:41.0609 0x06a8 sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 )
11:59:44.0359 0x06a8 Detect skipped due to KSN trusted
11:59:44.0359 0x06a8 sfvfs02 - ok
11:59:44.0546 0x06a8 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:59:44.0718 0x06a8 SharedAccess - detected UnsignedFile.Multi.Generic ( 1 )
11:59:47.0484 0x06a8 Detect skipped due to KSN trusted
11:59:47.0484 0x06a8 SharedAccess - ok
11:59:47.0562 0x06a8 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:59:47.0656 0x06a8 ShellHWDetection - ok
11:59:47.0671 0x06a8 Simbad - ok
11:59:47.0781 0x06a8 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1, 96CC96EEBAAD2782D8143DB2B8889E9249C89DFB90875412E5F105C0FFB3C728 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:59:47.0875 0x06a8 SLIP - ok
11:59:47.0937 0x06a8 [ 442D891CF7CB138F185FB2A1161C8AF9, F85B1C1F7EEA35082C61A35D6066EF6EE9B20FDC9A231F265AC02799CF0FDECD ] SNMP C:\WINDOWS\System32\snmp.exe
11:59:48.0031 0x06a8 SNMP - detected UnsignedFile.Multi.Generic ( 1 )
11:59:50.0796 0x06a8 Detect skipped due to KSN trusted
11:59:50.0796 0x06a8 SNMP - ok
11:59:50.0906 0x06a8 [ 4296E52A9D3CA6DCD1CF57E8BCA45AB7, FEA48A052206B1A09EA1041182A4A03532CBD3332BCE283014D5EBADFE1B936B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:59:50.0953 0x06a8 SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 )
11:59:53.0859 0x06a8 Detect skipped due to KSN trusted
11:59:53.0859 0x06a8 SNMPTRAP - ok
11:59:53.0890 0x06a8 Sparrow - ok
11:59:54.0062 0x06a8 speccy - ok
11:59:54.0109 0x06a8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:59:54.0140 0x06a8 splitter - detected UnsignedFile.Multi.Generic ( 1 )
11:59:56.0968 0x06a8 Detect skipped due to KSN trusted
11:59:56.0968 0x06a8 splitter - ok
11:59:57.0015 0x06a8 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:59:57.0109 0x06a8 Spooler - ok
11:59:57.0187 0x06a8 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:59:57.0250 0x06a8 sr - detected UnsignedFile.Multi.Generic ( 1 )
12:00:00.0031 0x06a8 Detect skipped due to KSN trusted
12:00:00.0031 0x06a8 sr - ok
12:00:00.0171 0x06a8 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
12:00:00.0312 0x06a8 srservice - detected UnsignedFile.Multi.Generic ( 1 )
12:00:03.0140 0x06a8 Detect skipped due to KSN trusted
12:00:03.0140 0x06a8 srservice - ok
12:00:03.0250 0x06a8 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:00:03.0437 0x06a8 Srv - ok
12:00:03.0562 0x06a8 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:00:03.0625 0x06a8 SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 )
12:00:06.0390 0x06a8 Detect skipped due to KSN trusted
12:00:06.0390 0x06a8 SSDPSRV - ok
12:00:06.0921 0x06a8 [ E855AC5D4B09F651CE96415C557FF92D, 9A7D8C0586CD4034CEBC1A676484C0C52F17F431346C0632D2FE4EB44EB297B0 ] ssinstall C:\WINDOWS\System32\ssins.exe
12:00:07.0390 0x06a8 ssinstall - ok
12:00:07.0546 0x06a8 [ 06CDA2A5A549BC455D004461E6BC5B33, 9731AEBB98B40F610113BE1989F85CE5805D9C3840A0E22B1F30883A6349CFED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
12:00:07.0640 0x06a8 StillCam - detected UnsignedFile.Multi.Generic ( 1 )
12:00:10.0390 0x06a8 Detect skipped due to KSN trusted
12:00:10.0390 0x06a8 StillCam - ok
12:00:10.0640 0x06a8 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:00:10.0765 0x06a8 stisvc - detected UnsignedFile.Multi.Generic ( 1 )
12:00:13.0468 0x06a8 Detect skipped due to KSN trusted
12:00:13.0468 0x06a8 stisvc - ok
12:00:13.0546 0x06a8 [ A9F9FD0212E572B84EDB9EB661F6BC04, A06E4A105327FC76CF4697278D8144E83CAD89FA4719FBE3F4C32F6027D802FD ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:00:13.0625 0x06a8 streamip - ok
12:00:13.0671 0x06a8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:00:13.0703 0x06a8 swenum - detected UnsignedFile.Multi.Generic ( 1 )
12:00:16.0484 0x06a8 Detect skipped due to KSN trusted
12:00:16.0484 0x06a8 swenum - ok
12:00:16.0562 0x06a8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:00:16.0640 0x06a8 swmidi - detected UnsignedFile.Multi.Generic ( 1 )
12:00:19.0468 0x06a8 Detect skipped due to KSN trusted
12:00:19.0468 0x06a8 swmidi - ok
12:00:19.0515 0x06a8 SwPrv - ok
12:00:19.0562 0x06a8 symc810 - ok
12:00:19.0578 0x06a8 symc8xx - ok
12:00:19.0609 0x06a8 sym_hi - ok
12:00:19.0625 0x06a8 sym_u3 - ok
12:00:19.0687 0x06a8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:00:19.0750 0x06a8 sysaudio - detected UnsignedFile.Multi.Generic ( 1 )
12:00:22.0531 0x06a8 Detect skipped due to KSN trusted
12:00:22.0531 0x06a8 sysaudio - ok
12:00:22.0640 0x06a8 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:00:22.0703 0x06a8 SysmonLog - detected UnsignedFile.Multi.Generic ( 1 )
12:00:25.0484 0x06a8 Detect skipped due to KSN trusted
12:00:25.0484 0x06a8 SysmonLog - ok
12:00:25.0640 0x06a8 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:00:25.0750 0x06a8 TapiSrv - detected UnsignedFile.Multi.Generic ( 1 )
12:00:28.0578 0x06a8 Detect skipped due to KSN trusted
12:00:28.0578 0x06a8 TapiSrv - ok
12:00:28.0781 0x06a8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:00:29.0000 0x06a8 Tcpip - ok
12:00:29.0062 0x06a8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:00:29.0109 0x06a8 TDPIPE - detected UnsignedFile.Multi.Generic ( 1 )
12:00:31.0843 0x06a8 Detect skipped due to KSN trusted
12:00:31.0843 0x06a8 TDPIPE - ok
12:00:31.0890 0x06a8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:00:32.0000 0x06a8 TDTCP - detected UnsignedFile.Multi.Generic ( 1 )
12:00:34.0781 0x06a8 Detect skipped due to KSN trusted
12:00:34.0781 0x06a8 TDTCP - ok
12:00:34.0906 0x06a8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:00:34.0937 0x06a8 TermDD - detected UnsignedFile.Multi.Generic ( 1 )
12:00:37.0765 0x06a8 Detect skipped due to KSN trusted
12:00:37.0765 0x06a8 TermDD - ok
12:00:37.0984 0x06a8 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
12:00:38.0046 0x06a8 TermService - detected UnsignedFile.Multi.Generic ( 1 )
12:00:40.0968 0x06a8 Detect skipped due to KSN trusted
12:00:40.0968 0x06a8 TermService - ok
12:00:41.0046 0x06a8 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
12:00:41.0125 0x06a8 Themes - ok
12:00:41.0156 0x06a8 TosIde - ok
12:00:41.0265 0x06a8 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:00:41.0343 0x06a8 TrkWks - detected UnsignedFile.Multi.Generic ( 1 )
12:00:44.0109 0x06a8 Detect skipped due to KSN trusted
12:00:44.0109 0x06a8 TrkWks - ok
12:00:44.0234 0x06a8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:00:44.0265 0x06a8 Udfs - detected UnsignedFile.Multi.Generic ( 1 )
12:00:47.0046 0x06a8 Detect skipped due to KSN trusted
12:00:47.0046 0x06a8 Udfs - ok
12:00:47.0078 0x06a8 ultra - ok
12:00:47.0281 0x06a8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:00:47.0437 0x06a8 Update - detected UnsignedFile.Multi.Generic ( 1 )
12:00:51.0796 0x06a8 Detect skipped due to KSN trusted
12:00:51.0796 0x06a8 Update - ok
12:00:51.0937 0x06a8 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:00:52.0031 0x06a8 upnphost - detected UnsignedFile.Multi.Generic ( 1 )
12:00:56.0625 0x06a8 Detect skipped due to KSN trusted
12:00:56.0625 0x06a8 upnphost - ok
12:00:56.0703 0x06a8 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
12:00:56.0765 0x06a8 UPS - detected UnsignedFile.Multi.Generic ( 1 )
12:01:00.0921 0x06a8 Detect skipped due to KSN trusted
12:01:00.0921 0x06a8 UPS - ok
12:01:01.0015 0x06a8 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:01:01.0062 0x06a8 usbccgp - detected UnsignedFile.Multi.Generic ( 1 )
12:01:04.0234 0x06a8 Detect skipped due to KSN trusted
12:01:04.0234 0x06a8 usbccgp - ok
12:01:04.0359 0x06a8 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:01:04.0421 0x06a8 usbehci - detected UnsignedFile.Multi.Generic ( 1 )
12:01:07.0359 0x06a8 Detect skipped due to KSN trusted
12:01:07.0359 0x06a8 usbehci - ok
12:01:07.0484 0x06a8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:01:07.0531 0x06a8 usbhub - detected UnsignedFile.Multi.Generic ( 1 )
12:01:10.0296 0x06a8 Detect skipped due to KSN trusted
12:01:10.0296 0x06a8 usbhub - ok
12:01:10.0343 0x06a8 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:01:10.0406 0x06a8 usbohci - detected UnsignedFile.Multi.Generic ( 1 )
12:01:13.0171 0x06a8 Detect skipped due to KSN trusted
12:01:13.0171 0x06a8 usbohci - ok
12:01:13.0296 0x06a8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:01:13.0359 0x06a8 usbprint - detected UnsignedFile.Multi.Generic ( 1 )
12:01:16.0187 0x06a8 Detect skipped due to KSN trusted
12:01:16.0187 0x06a8 usbprint - ok
12:01:16.0250 0x06a8 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:01:16.0265 0x06a8 usbscan - detected UnsignedFile.Multi.Generic ( 1 )
12:01:19.0093 0x06a8 Detect skipped due to KSN trusted
12:01:19.0093 0x06a8 usbscan - ok
12:01:19.0234 0x06a8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:01:19.0312 0x06a8 usbstor - detected UnsignedFile.Multi.Generic ( 1 )
12:01:22.0156 0x06a8 Detect skipped due to KSN trusted
12:01:22.0156 0x06a8 usbstor - ok
12:01:22.0187 0x06a8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:01:22.0234 0x06a8 VgaSave - detected UnsignedFile.Multi.Generic ( 1 )
12:01:25.0046 0x06a8 Detect skipped due to KSN trusted
12:01:25.0046 0x06a8 VgaSave - ok
12:01:25.0078 0x06a8 ViaIde - ok
12:01:25.0109 0x06a8 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:01:25.0187 0x06a8 VolSnap - detected UnsignedFile.Multi.Generic ( 1 )
12:01:27.0953 0x06a8 Detect skipped due to KSN trusted
12:01:27.0953 0x06a8 VolSnap - ok
12:01:28.0062 0x06a8 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
12:01:28.0156 0x06a8 VSS - detected UnsignedFile.Multi.Generic ( 1 )
12:01:30.0921 0x06a8 Detect skipped due to KSN trusted
12:01:30.0921 0x06a8 VSS - ok
12:01:35.0828 0x06a8 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
12:01:36.0093 0x06a8 W32Time - detected UnsignedFile.Multi.Generic ( 1 )
12:01:41.0437 0x06a8 Detect skipped due to KSN trusted
12:01:41.0437 0x06a8 W32Time - ok
12:01:41.0500 0x06a8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:01:41.0562 0x06a8 Wanarp - detected UnsignedFile.Multi.Generic ( 1 )
12:01:44.0375 0x06a8 Detect skipped due to KSN trusted
12:01:44.0375 0x06a8 Wanarp - ok
12:01:48.0515 0x06a8 [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3A760782DB6436A ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:01:48.0734 0x06a8 Wdf01000 - ok
12:01:48.0750 0x06a8 WDICA - ok
12:01:48.0843 0x06a8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:01:48.0953 0x06a8 wdmaud - detected UnsignedFile.Multi.Generic ( 1 )
12:01:51.0781 0x06a8 Detect skipped due to KSN trusted
12:01:51.0781 0x06a8 wdmaud - ok
12:01:52.0281 0x06a8 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:01:52.0468 0x06a8 WebClient - detected UnsignedFile.Multi.Generic ( 1 )
12:01:55.0234 0x06a8 Detect skipped due to KSN trusted
12:01:55.0234 0x06a8 WebClient - ok
12:01:55.0343 0x06a8 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:01:55.0421 0x06a8 winmgmt - detected UnsignedFile.Multi.Generic ( 1 )
12:01:58.0234 0x06a8 Detect skipped due to KSN trusted
12:01:58.0234 0x06a8 winmgmt - ok
12:01:58.0296 0x06a8 [ 6199B2AE3F9DB9CB6DB230471A1DC601, E66C788C3E46AAC2ABB76F6E55E912EB28CF3D4C3D74FE6E85A6FABB7F22A5C9 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:01:58.0343 0x06a8 WmdmPmSN - detected UnsignedFile.Multi.Generic ( 1 )
12:02:01.0187 0x06a8 Detect skipped due to KSN trusted
12:02:01.0187 0x06a8 WmdmPmSN - ok
12:02:01.0234 0x06a8 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:02:01.0281 0x06a8 WmiApSrv - detected UnsignedFile.Multi.Generic ( 1 )
12:02:04.0187 0x06a8 Detect skipped due to KSN trusted
12:02:04.0187 0x06a8 WmiApSrv - ok
12:02:04.0203 0x06a8 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:02:04.0265 0x06a8 WS2IFSL - detected UnsignedFile.Multi.Generic ( 1 )
12:02:07.0062 0x06a8 Detect skipped due to KSN trusted
12:02:07.0062 0x06a8 WS2IFSL - ok
12:02:07.0093 0x06a8 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:02:07.0156 0x06a8 wscsvc - detected UnsignedFile.Multi.Generic ( 1 )
12:02:10.0203 0x06a8 Detect skipped due to KSN trusted
12:02:10.0203 0x06a8 wscsvc - ok
12:02:10.0250 0x06a8 [ 233CDD1C06942115802EB7CE6669E099, 68348CDFE255471191F8EE5B522174C8B9BED9162359EC180076E19DD78005B7 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:02:10.0343 0x06a8 WSTCODEC - ok
12:02:10.0390 0x06a8 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:02:10.0468 0x06a8 wuauserv - detected UnsignedFile.Multi.Generic ( 1 )
12:02:13.0250 0x06a8 Detect skipped due to KSN trusted
12:02:13.0250 0x06a8 wuauserv - ok
12:02:13.0390 0x06a8 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:02:13.0562 0x06a8 WZCSVC - detected UnsignedFile.Multi.Generic ( 1 )
12:02:16.0312 0x06a8 Detect skipped due to KSN trusted
12:02:16.0312 0x06a8 WZCSVC - ok
12:02:16.0468 0x06a8 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:02:16.0546 0x06a8 xmlprov - detected UnsignedFile.Multi.Generic ( 1 )
12:02:19.0562 0x06a8 Detect skipped due to KSN trusted
12:02:19.0562 0x06a8 xmlprov - ok
12:02:19.0734 0x06a8 [ 06FE5FCE3F4DA7A4AA8D2693823C8CDC, 1F934F23A986569B6AB79890C0E3D49E5111701369BBA8C6029BF424C9643EEE ] ZD1211BU(ASUS) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
12:02:19.0906 0x06a8 ZD1211BU(ASUS) - detected UnsignedFile.Multi.Generic ( 1 )
12:02:22.0718 0x06a8 Detect skipped due to KSN trusted
12:02:22.0718 0x06a8 ZD1211BU(ASUS) - ok
12:02:22.0734 0x06a8 ================ Scan global ===============================
12:02:22.0906 0x06a8 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
12:02:22.0984 0x06a8 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
12:02:23.0062 0x06a8 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
12:02:23.0109 0x06a8 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
12:02:23.0125 0x06a8 [ Global ] - ok
12:02:23.0125 0x06a8 ================ Scan MBR ==================================
12:02:23.0140 0x06a8 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:02:23.0406 0x06a8 \Device\Harddisk0\DR0 - ok
12:02:23.0406 0x06a8 ================ Scan VBR ==================================
12:02:23.0406 0x06a8 [ FB440463D9AEE63CC282C2A89680C028 ] \Device\Harddisk0\DR0\Partition1
12:02:23.0421 0x06a8 \Device\Harddisk0\DR0\Partition1 - ok
12:02:23.0421 0x06a8 ================ Scan generic autorun ======================
12:02:26.0578 0x06a8 [ EABE00B18DCBEAB7D5B3823FD371F008, 55E7520A1288A45D593FC1BDD5E477F8055419E3394D1B56BBD8D8060C6EA091 ] C:\WINDOWS\RTHDCPL.EXE
12:02:29.0031 0x06a8 RTHDCPL - ok
12:02:29.0578 0x06a8 [ 64C7F9F08B39DD45AC09D6A3998C47F3, BFA6D1E5197215B7EEC6CEB42C2209C262DC2D3AF0246899B68045605B249AB1 ] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
12:02:30.0062 0x06a8 Control Center - detected UnsignedFile.Multi.Generic ( 1 )
12:02:32.0875 0x06a8 Detect skipped due to KSN trusted
12:02:32.0875 0x06a8 Control Center - ok
12:02:34.0000 0x06a8 [ 312C7978F0A42DB0475CE31D884DCE88, 53DBEF2473F39754BB1BC352DB9A32607FD3A2E2DC5E7AA6AE821CABEC00CCD1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:02:34.0937 0x06a8 AvastUI.exe - ok
12:02:35.0093 0x06a8 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
12:02:35.0171 0x06a8 ctfmon.exe - detected UnsignedFile.Multi.Generic ( 1 )
12:02:37.0984 0x06a8 Detect skipped due to KSN trusted
12:02:37.0984 0x06a8 ctfmon.exe - ok
12:02:37.0984 0x06a8 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
12:02:38.0031 0x06a8 ctfmon.exe - detected UnsignedFile.Multi.Generic ( 1 )
12:02:38.0031 0x06a8 Detect skipped due to KSN trusted
12:02:38.0031 0x06a8 ctfmon.exe - ok
12:02:39.0406 0x06a8 [ EEE55F88D83E97DD51B8E3231AC1004F, 3EB7C2BB2F5EC23B80AC4814FDC79595CE24895E0E2648674E34DA89B9C688CC ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:02:40.0406 0x06a8 SUPERAntiSpyware - ok
12:02:40.0625 0x06a8 FlashPlayerUpdate - ok
12:02:40.0734 0x06a8 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
12:02:40.0781 0x06a8 CTFMON.EXE - detected UnsignedFile.Multi.Generic ( 1 )
12:02:40.0781 0x06a8 Detect skipped due to KSN trusted
12:02:40.0781 0x06a8 CTFMON.EXE - ok
12:02:40.0781 0x06a8 Waiting for KSN requests completion. In queue: 1
12:02:41.0796 0x06a8 Waiting for KSN requests completion. In queue: 1
12:02:42.0796 0x06a8 Waiting for KSN requests completion. In queue: 1
12:02:44.0656 0x06a8 AV detected via SS1: avast! Antivirus, 5.0.167774368, enabled, updated
12:02:44.0656 0x06a8 FW detected via SS1: avast! Antivirus, 5.0.167774368, disabled
12:02:44.0671 0x06a8 Win FW state via NFM: enabled
12:02:47.0468 0x06a8 ============================================================
12:02:47.0468 0x06a8 Scan finished
12:02:47.0468 0x06a8 ============================================================
12:02:47.0703 0x037c Detected object count: 1
12:02:47.0703 0x037c Actual detected object count: 1
12:04:17.0265 0x037c RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:17.0265 0x037c RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[agata]

PC se seká