VIRY.CZ

Plocha ale nemuze byt ve slozce c:\users\Jakub\Downloads\Desktop\ComboFix.exe

A kam to mám tedy vložit ? Prostě sem to dal na plochu, to je to co se mi spustí při startu počítače, kde mám Tento počítač, Koš atd atd ne ?

Pokud to tak precejen nejak mate, coz jsem teda jeste nevidel, tak presunte ComboFix i CFScript primo na disk C. A pretahnete ten CFScript nad CF a pustte. Melo by se to spustit

Asi sem blbej ale nejde mi to přetáhnout nad to. Je to poskládaný podle abecedy. Nahoře je poznámkový blok, pod tím složky a až pod nima ten CF. .Nejde s tím hnout. Co stím ?

Už sem na to přišel prostě sem dal uspořádání podle datumu změny a přesunul prvně blok a pak program.

Hotovo, proběhl restart a zde je log :

ComboFix 14-04-20.01 - Jakub 21.04.2014 14:20:57.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2943.1617 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-21 do 2014-04-21 )))))))))))))))))))))))))))))))
.
.
2014-04-21 12:27 . 2014-04-21 12:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-21 12:27 . 2014-04-21 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-20 22:46 . 2014-04-20 22:47 -------- d-----w- C:\AdwCleaner
2014-04-20 22:04 . 2014-04-20 22:14 -------- d-----w- c:\program files\trend micro
2014-04-20 22:04 . 2014-04-20 22:13 -------- d-----w- C:\rsit
2014-04-20 21:07 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\mpengine.dll
2014-04-20 21:01 . 2014-04-20 22:38 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 21:01 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-20 21:00 . 2014-04-20 21:01 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-20 21:00 . 2014-04-20 21:00 -------- d-----w- c:\programdata\Malwarebytes
2014-04-20 21:00 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-20 21:00 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-20 20:50 . 2014-04-20 20:50 -------- d-----w- C:\_OTM
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F829B361-5A45-43BA-89E0-EC159E000F72}\gapaengine.dll
2014-04-19 11:58 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-19 11:12 . 2014-04-19 11:38 -------- d-----w- c:\users\Jakub\AppData\Local\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\program files\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\programdata\Razer
2014-04-13 17:48 . 2014-04-13 17:48 -------- d-----w- c:\users\Jakub\AppData\Roaming\Hive Cluster
2014-04-13 12:07 . 2014-04-13 12:07 -------- d-----w- c:\program files\The Binding of Isaac
2014-04-11 10:02 . 2014-04-11 10:03 -------- d-----w- c:\program files\Microsoft Security Client
2014-04-11 08:15 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C78EF8CF-C5A2-47D5-B4EE-1342D6155711}\mpengine.dll
2014-04-09 20:52 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 20:52 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 20:52 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 20:52 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 20:52 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 18:13 . 2014-04-09 18:13 -------- d-----w- c:\program files\BestGameEver
2014-03-31 19:16 . 2014-03-31 19:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-03-31 16:33 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2014-03-31 16:33 . 2009-02-27 01:42 31640 ----a-w- c:\windows\system32\msonpmon.dll
2014-03-31 16:30 . 2014-03-31 19:17 -------- d-----w- c:\program files\Microsoft Works
2014-03-31 16:22 . 2014-03-31 16:22 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2014-03-31 16:21 . 2014-03-31 16:21 -------- d-----w- c:\users\Jakub\AppData\Local\Microsoft Help
2014-03-31 16:20 . 2014-04-10 01:04 -------- d-----w- c:\programdata\Microsoft Help
2014-03-31 16:19 . 2014-03-31 16:19 -------- d-----r- C:\MSOCache
2014-03-31 15:44 . 2014-03-31 15:44 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 15:45 . 2010-04-23 16:40 320120 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-03-11 23:24 . 2014-03-01 11:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-11 23:24 . 2013-08-23 00:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 07:52 . 2014-03-11 07:52 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-17 12:41 . 2013-07-08 09:01 24384 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-02-07 01:07 . 2014-03-12 11:21 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 11:21 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 11:23 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 11:21 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 11:22 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-24 23:19 . 2014-01-24 23:19 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"MKLOL"="c:\program files\MKJogo\MKLOL\MK.exe" [2014-04-18 1107144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs" [2013-12-04 559]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.872" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
.
R1 MpKsldb75f26c;MpKsldb75f26c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys [2014-04-20 39464]
R2 gupdate1cac9dd563a9e30;Služba Google Update (gupdate1cac9dd563a9e30);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 RzKLService;RzKLService;c:\program files\Razer\Razer Game Booster\RzKLService.exe [x]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-05-21 13224]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-14 108032]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-11-23 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-11-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 22:36 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{C41D5A94-13E6-4703-B67A-62416F999917}: NameServer = 217.77.165.81 217.77.161.131
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-04-21 14:33:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-21 12:33
ComboFix2.txt 2014-04-21 11:00
ComboFix3.txt 2014-04-21 10:27
.
Před spuštěním: Volných bajtů: 491 047 383 040
Po spuštění: Volných bajtů: 491 004 329 984
.
- - End Of File - - BC863EDEE419E052269A6565B62238E3
A36C5E4F47E84449FF07ED3517B43A31

Restart sice probehl, ale CF stejne nemazal to, co jsem mu zadal. Cili nekde je chyba. Bud delate neco spatne, nebo mu neco brani. Krom toho je tam problem se systemovym souborem, ktery byl uz podruhe infikovany.


Postupujte podle navodu kolegy

vyosek píše: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Zde je log z TDSSKiller :

14:45:27.0079 3408 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:45:36.0298 3408 ============================================================
14:45:36.0298 3408 Current date / time: 2014/04/21 14:45:36.0298
14:45:36.0298 3408 SystemInfo:
14:45:36.0298 3408
14:45:36.0298 3408 OS Version: 6.1.7601 ServicePack: 1.0
14:45:36.0298 3408 Product type: Workstation
14:45:36.0298 3408 ComputerName: JAKUB-PC
14:45:36.0298 3408 UserName: Jakub
14:45:36.0298 3408 Windows directory: C:\Windows
14:45:36.0298 3408 System windows directory: C:\Windows
14:45:36.0298 3408 Processor architecture: Intel x86
14:45:36.0298 3408 Number of processors: 2
14:45:36.0298 3408 Page size: 0x1000
14:45:36.0298 3408 Boot type: Normal boot
14:45:36.0298 3408 ============================================================
14:45:37.0191 3408 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:45:37.0192 3408 ============================================================
14:45:37.0192 3408 \Device\Harddisk0\DR0:
14:45:37.0193 3408 MBR partitions:
14:45:37.0193 3408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10D800
14:45:37.0193 3408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10E000, BlocksNum 0x4A749800
14:45:37.0193 3408 ============================================================
14:45:37.0218 3408 C: <-> \Device\Harddisk0\DR0\Partition2
14:45:37.0218 3408 ============================================================
14:45:37.0218 3408 Initialize success
14:45:37.0218 3408 ============================================================
14:45:57.0911 3260 ============================================================
14:45:57.0911 3260 Scan started
14:45:57.0911 3260 Mode: Manual; SigCheck; TDLFS;
14:45:57.0911 3260 ============================================================
14:45:58.0158 3260 ================ Scan system memory ========================
14:45:58.0158 3260 System memory - ok
14:45:58.0159 3260 ================ Scan services =============================
14:45:58.0338 3260 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:45:58.0413 3260 1394ohci - ok
14:45:58.0425 3260 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:45:58.0440 3260 ACPI - ok
14:45:58.0471 3260 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:45:58.0536 3260 AcpiPmi - ok
14:45:58.0561 3260 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:45:58.0580 3260 adp94xx - ok
14:45:58.0598 3260 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:45:58.0613 3260 adpahci - ok
14:45:58.0625 3260 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:45:58.0638 3260 adpu320 - ok
14:45:58.0667 3260 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:45:58.0716 3260 AeLookupSvc - ok
14:45:58.0749 3260 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
14:45:58.0789 3260 AFD - ok
14:45:58.0802 3260 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
14:45:58.0812 3260 agp440 - ok
14:45:58.0825 3260 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
14:45:58.0837 3260 aic78xx - ok
14:45:58.0853 3260 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
14:45:58.0894 3260 ALG - ok
14:45:58.0919 3260 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
14:45:58.0929 3260 aliide - ok
14:45:58.0938 3260 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:45:58.0948 3260 amdagp - ok
14:45:58.0965 3260 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
14:45:58.0975 3260 amdide - ok
14:45:58.0983 3260 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:45:59.0015 3260 AmdK8 - ok
14:45:59.0032 3260 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:45:59.0084 3260 AmdPPM - ok
14:45:59.0111 3260 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:45:59.0123 3260 amdsata - ok
14:45:59.0135 3260 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:45:59.0149 3260 amdsbs - ok
14:45:59.0181 3260 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:45:59.0190 3260 amdxata - ok
14:45:59.0218 3260 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
14:45:59.0318 3260 AppID - ok
14:45:59.0359 3260 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:45:59.0398 3260 AppIDSvc - ok
14:45:59.0426 3260 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
14:45:59.0451 3260 Appinfo - ok
14:45:59.0469 3260 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:45:59.0481 3260 arc - ok
14:45:59.0492 3260 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:45:59.0504 3260 arcsas - ok
14:45:59.0524 3260 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\Windows\system32\drivers\AsIO.sys
14:45:59.0539 3260 AsIO - ok
14:45:59.0628 3260 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:45:59.0641 3260 aspnet_state - ok
14:45:59.0662 3260 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:45:59.0755 3260 AsyncMac - ok
14:45:59.0782 3260 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
14:45:59.0792 3260 atapi - ok
14:45:59.0847 3260 [ D64603DF38B6F6A967B8FE52B59D07AB ] athur C:\Windows\system32\DRIVERS\athur.sys
14:45:59.0916 3260 athur - ok
14:45:59.0949 3260 [ 547F07839F71A4357A5E503646CAC2B0 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
14:45:59.0959 3260 atksgt - ok
14:45:59.0989 3260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:46:00.0018 3260 AudioEndpointBuilder - ok
14:46:00.0029 3260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:46:00.0057 3260 Audiosrv - ok
14:46:00.0095 3260 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:46:00.0141 3260 AxInstSV - ok
14:46:00.0170 3260 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
14:46:00.0212 3260 b06bdrv - ok
14:46:00.0239 3260 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:46:00.0269 3260 b57nd60x - ok
14:46:00.0295 3260 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
14:46:00.0344 3260 BDESVC - ok
14:46:00.0359 3260 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
14:46:00.0392 3260 Beep - ok
14:46:00.0433 3260 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
14:46:00.0489 3260 BFE - ok
14:46:00.0517 3260 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
14:46:00.0545 3260 BITS - ok
14:46:00.0557 3260 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:00.0581 3260 blbdrive - ok
14:46:00.0594 3260 BlueletAudio - ok
14:46:00.0601 3260 BlueletSCOAudio - ok
14:46:00.0633 3260 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:46:00.0665 3260 bowser - ok
14:46:00.0677 3260 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:00.0726 3260 BrFiltLo - ok
14:46:00.0740 3260 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:00.0795 3260 BrFiltUp - ok
14:46:00.0831 3260 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:46:00.0864 3260 BridgeMP - ok
14:46:00.0892 3260 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
14:46:00.0937 3260 Browser - ok
14:46:00.0958 3260 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:46:00.0991 3260 Brserid - ok
14:46:01.0007 3260 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:01.0035 3260 BrSerWdm - ok
14:46:01.0055 3260 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:01.0074 3260 BrUsbMdm - ok
14:46:01.0095 3260 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:01.0125 3260 BrUsbSer - ok
14:46:01.0135 3260 BT - ok
14:46:01.0149 3260 Btcsrusb - ok
14:46:01.0182 3260 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:46:01.0218 3260 BthEnum - ok
14:46:01.0222 3260 BTHidEnum - ok
14:46:01.0231 3260 BTHidMgr - ok
14:46:01.0256 3260 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:01.0284 3260 BTHMODEM - ok
14:46:01.0311 3260 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:46:01.0342 3260 BthPan - ok
14:46:01.0366 3260 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:46:01.0397 3260 BTHPORT - ok
14:46:01.0424 3260 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
14:46:01.0462 3260 bthserv - ok
14:46:01.0492 3260 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:46:01.0516 3260 BTHUSB - ok
14:46:01.0632 3260 [ BE531939BB6D153DB63DBBFBD398A713 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
14:46:01.0681 3260 c2cautoupdatesvc - ok
14:46:01.0725 3260 [ 33E9F08F675EF94633C8EF8A7C4EADF3 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
14:46:01.0784 3260 c2cpnrsvc - ok
14:46:01.0831 3260 catchme - ok
14:46:01.0851 3260 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:46:01.0882 3260 cdfs - ok
14:46:01.0919 3260 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:46:01.0932 3260 cdrom - ok
14:46:01.0959 3260 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
14:46:01.0993 3260 CertPropSvc - ok
14:46:02.0007 3260 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:46:02.0031 3260 circlass - ok
14:46:02.0062 3260 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
14:46:02.0076 3260 CLFS - ok
14:46:02.0115 3260 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:46:02.0125 3260 clr_optimization_v2.0.50727_32 - ok
14:46:02.0154 3260 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:46:02.0168 3260 clr_optimization_v4.0.30319_32 - ok
14:46:02.0179 3260 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:46:02.0201 3260 CmBatt - ok
14:46:02.0220 3260 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:46:02.0230 3260 cmdide - ok
14:46:02.0262 3260 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
14:46:02.0283 3260 CNG - ok
14:46:02.0294 3260 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:46:02.0305 3260 Compbatt - ok
14:46:02.0326 3260 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:46:02.0354 3260 CompositeBus - ok
14:46:02.0360 3260 COMSysApp - ok
14:46:02.0381 3260 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:46:02.0391 3260 crcdisk - ok
14:46:02.0433 3260 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:46:02.0469 3260 CryptSvc - ok
14:46:02.0510 3260 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
14:46:02.0545 3260 DcomLaunch - ok
14:46:02.0571 3260 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
14:46:02.0607 3260 defragsvc - ok
14:46:02.0638 3260 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:46:02.0677 3260 DfsC - ok
14:46:02.0702 3260 [ 4F63FF698DC72EC2EC0262427F8B53CB ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
14:46:02.0711 3260 dgderdrv - ok
14:46:02.0729 3260 [ AEE4ADEFC56BF0ED1F80A37B1C3848D0 ] dgdersvc C:\Windows\system32\dgdersvc.exe
14:46:02.0742 3260 dgdersvc - ok
14:46:02.0778 3260 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:46:02.0810 3260 Dhcp - ok
14:46:02.0825 3260 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
14:46:02.0859 3260 discache - ok
14:46:02.0899 3260 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:46:02.0909 3260 Disk - ok
14:46:02.0931 3260 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:46:02.0966 3260 Dnscache - ok
14:46:02.0992 3260 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
14:46:03.0026 3260 dot3svc - ok
14:46:03.0054 3260 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
14:46:03.0077 3260 DPS - ok
14:46:03.0095 3260 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:46:03.0125 3260 drmkaud - ok
14:46:03.0164 3260 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:46:03.0185 3260 DXGKrnl - ok
14:46:03.0195 3260 EagleNT - ok
14:46:03.0219 3260 EagleXNt - ok
14:46:03.0247 3260 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
14:46:03.0271 3260 EapHost - ok
14:46:03.0353 3260 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
14:46:03.0454 3260 ebdrv - ok
14:46:03.0486 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
14:46:03.0515 3260 EFS - ok
14:46:03.0567 3260 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:46:03.0630 3260 ehRecvr - ok
14:46:03.0648 3260 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
14:46:03.0679 3260 ehSched - ok
14:46:03.0713 3260 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:46:03.0731 3260 elxstor - ok
14:46:03.0769 3260 [ FD9FC82F134B1C91004FFC76A5AE494B ] ENTECH C:\Windows\system32\DRIVERS\ENTECH.sys
14:46:03.0787 3260 ENTECH ( UnsignedFile.Multi.Generic ) - warning
14:46:03.0787 3260 ENTECH - detected UnsignedFile.Multi.Generic (1)
14:46:03.0815 3260 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:46:03.0838 3260 ErrDev - ok
14:46:03.0876 3260 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
14:46:03.0914 3260 EventSystem - ok
14:46:03.0947 3260 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:46:03.0981 3260 ew_hwusbdev - ok
14:46:04.0022 3260 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:46:04.0052 3260 ew_usbenumfilter - ok
14:46:04.0065 3260 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
14:46:04.0097 3260 exfat - ok
14:46:04.0114 3260 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:46:04.0156 3260 fastfat - ok
14:46:04.0197 3260 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
14:46:04.0251 3260 Fax - ok
14:46:04.0269 3260 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:46:04.0292 3260 fdc - ok
14:46:04.0312 3260 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
14:46:04.0346 3260 fdPHost - ok
14:46:04.0359 3260 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
14:46:04.0397 3260 FDResPub - ok
14:46:04.0415 3260 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:46:04.0426 3260 FileInfo - ok
14:46:04.0435 3260 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:46:04.0466 3260 Filetrace - ok
14:46:04.0532 3260 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:46:04.0572 3260 FLEXnet Licensing Service - ok
14:46:04.0583 3260 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:46:04.0594 3260 flpydisk - ok
14:46:04.0607 3260 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:46:04.0619 3260 FltMgr - ok
14:46:04.0665 3260 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
14:46:04.0704 3260 FontCache - ok
14:46:04.0745 3260 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:46:04.0753 3260 FontCache3.0.0.0 - ok
14:46:04.0770 3260 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:46:04.0782 3260 FsDepends - ok
14:46:04.0828 3260 [ 2ED0BABD4CD98ED820FD0D0BCBE96721 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:46:04.0842 3260 fssfltr - ok
14:46:04.0947 3260 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
14:46:04.0995 3260 fsssvc - ok
14:46:05.0045 3260 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
14:46:05.0069 3260 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
14:46:05.0069 3260 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
14:46:05.0096 3260 [ F96C429788350DB4BA6771C3034DFD88 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
14:46:05.0116 3260 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
14:46:05.0116 3260 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
14:46:05.0144 3260 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:46:05.0153 3260 Fs_Rec - ok
14:46:05.0185 3260 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:46:05.0202 3260 fvevol - ok
14:46:05.0222 3260 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:46:05.0233 3260 gagp30kx - ok
14:46:05.0258 3260 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
14:46:05.0267 3260 ggflt - ok
14:46:05.0284 3260 GGSAFERDriver - ok
14:46:05.0311 3260 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
14:46:05.0322 3260 ggsemc - ok
14:46:05.0358 3260 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
14:46:05.0416 3260 gpsvc - ok
14:46:05.0501 3260 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cac9dd563a9e30 C:\Program Files\Google\Update\GoogleUpdate.exe
14:46:05.0511 3260 gupdate1cac9dd563a9e30 - ok
14:46:05.0534 3260 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:46:05.0544 3260 gupdatem - ok
14:46:05.0570 3260 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:46:05.0580 3260 hamachi - ok
14:46:05.0594 3260 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:46:05.0632 3260 hcw85cir - ok
14:46:05.0665 3260 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:46:05.0682 3260 HdAudAddService - ok
14:46:05.0696 3260 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:46:05.0722 3260 HDAudBus - ok
14:46:05.0736 3260 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:46:05.0767 3260 HidBatt - ok
14:46:05.0781 3260 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:46:05.0805 3260 HidBth - ok
14:46:05.0833 3260 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:46:05.0854 3260 HidIr - ok
14:46:05.0872 3260 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
14:46:05.0905 3260 hidserv - ok
14:46:05.0938 3260 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:46:05.0980 3260 HidUsb - ok
14:46:06.0001 3260 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:46:06.0033 3260 hkmsvc - ok
14:46:06.0054 3260 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:46:06.0094 3260 HomeGroupListener - ok
14:46:06.0130 3260 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:46:06.0172 3260 HomeGroupProvider - ok
14:46:06.0202 3260 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:46:06.0213 3260 HpSAMD - ok
14:46:06.0250 3260 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:46:06.0288 3260 HTTP - ok
14:46:06.0337 3260 [ 2EB6C536E63C1047577DA6BF6C154E54 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
14:46:06.0380 3260 huawei_cdcacm - ok
14:46:06.0407 3260 [ 033CF42B457366CFA1F8C669C5E30233 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:46:06.0447 3260 huawei_enumerator - ok
14:46:06.0470 3260 [ 37CD1813D0A20B3199E9E904935B725D ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
14:46:06.0491 3260 huawei_ext_ctrl - ok
14:46:06.0515 3260 [ DBB03D622BD258FB88186F70C2482583 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
14:46:06.0552 3260 huawei_wwanecm - ok
14:46:06.0577 3260 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:46:06.0587 3260 hwpolicy - ok
14:46:06.0614 3260 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:46:06.0625 3260 i8042prt - ok
14:46:06.0669 3260 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:46:06.0684 3260 iaStorV - ok
14:46:06.0768 3260 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:46:06.0782 3260 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:46:06.0782 3260 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:46:06.0832 3260 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:46:06.0864 3260 idsvc - ok
14:46:06.0881 3260 IEEtwCollectorService - ok
14:46:06.0899 3260 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:46:06.0909 3260 iirsp - ok
14:46:06.0953 3260 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
14:46:06.0992 3260 IKEEXT - ok
14:46:07.0023 3260 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
14:46:07.0033 3260 intelide - ok
14:46:07.0049 3260 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:46:07.0067 3260 intelppm - ok
14:46:07.0092 3260 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:46:07.0129 3260 IPBusEnum - ok
14:46:07.0150 3260 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:46:07.0180 3260 IpFilterDriver - ok
14:46:07.0213 3260 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:46:07.0244 3260 iphlpsvc - ok
14:46:07.0270 3260 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:46:07.0292 3260 IPMIDRV - ok
14:46:07.0307 3260 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:46:07.0342 3260 IPNAT - ok
14:46:07.0360 3260 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:46:07.0400 3260 IRENUM - ok
14:46:07.0409 3260 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:46:07.0421 3260 isapnp - ok
14:46:07.0451 3260 [ EB34CE31FABD4DC4343FD2AD16D2CAF9 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:46:07.0465 3260 iScsiPrt - ok
14:46:07.0495 3260 [ 994EBB45C4B438E1F6EA0B958AE9B9A3 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
14:46:07.0506 3260 ivusb - ok
14:46:07.0535 3260 [ FE8300320281D658A7854D5CFC02A63F ] k750bus C:\Windows\system32\DRIVERS\k750bus.sys
14:46:07.0550 3260 k750bus - ok
14:46:07.0570 3260 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:46:07.0580 3260 kbdclass - ok
14:46:07.0609 3260 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:46:07.0630 3260 kbdhid - ok
14:46:07.0644 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
14:46:07.0655 3260 KeyIso - ok
14:46:07.0680 3260 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:46:07.0692 3260 KSecDD - ok
14:46:07.0708 3260 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:46:07.0719 3260 KSecPkg - ok
14:46:07.0736 3260 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
14:46:07.0763 3260 KtmRm - ok
14:46:07.0791 3260 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
14:46:07.0826 3260 LanmanServer - ok
14:46:07.0855 3260 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:46:07.0893 3260 LanmanWorkstation - ok
14:46:07.0935 3260 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
14:46:07.0944 3260 lirsgt - ok
14:46:08.0052 3260 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
14:46:08.0087 3260 LiveUpdateSvc - ok
14:46:08.0118 3260 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:46:08.0153 3260 lltdio - ok
14:46:08.0177 3260 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:46:08.0213 3260 lltdsvc - ok
14:46:08.0220 3260 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
14:46:08.0242 3260 lmhosts - ok
14:46:08.0269 3260 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:46:08.0280 3260 LSI_FC - ok
14:46:08.0292 3260 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:46:08.0304 3260 LSI_SAS - ok
14:46:08.0319 3260 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:46:08.0329 3260 LSI_SAS2 - ok
14:46:08.0341 3260 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:46:08.0354 3260 LSI_SCSI - ok
14:46:08.0373 3260 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
14:46:08.0405 3260 luafv - ok
14:46:08.0436 3260 [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys
14:46:08.0475 3260 massfilter - ok
14:46:08.0509 3260 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:46:08.0521 3260 Mcx2Svc - ok
14:46:08.0537 3260 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:46:08.0547 3260 megasas - ok
14:46:08.0567 3260 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:46:08.0582 3260 MegaSR - ok
14:46:08.0645 3260 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:46:08.0654 3260 Microsoft Office Groove Audit Service - ok
14:46:08.0689 3260 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
14:46:08.0723 3260 MMCSS - ok
14:46:08.0739 3260 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
14:46:08.0761 3260 Modem - ok
14:46:08.0780 3260 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:46:08.0805 3260 monitor - ok
14:46:08.0829 3260 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:46:08.0839 3260 mouclass - ok
14:46:08.0862 3260 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:46:08.0879 3260 mouhid - ok
14:46:08.0903 3260 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:46:08.0914 3260 mountmgr - ok
14:46:08.0958 3260 [ 8072A7BB35D92CC621AC2605EEF79BC4 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:46:08.0975 3260 MpFilter - ok
14:46:08.0989 3260 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
14:46:09.0002 3260 mpio - ok
14:46:09.0080 3260 [ 65C34426C83EFA32D48380A97717997B ] MpKsldb75f26c c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys
14:46:09.0080 3260 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys. Real md5: 65C34426C83EFA32D48380A97717997B, Fake md5: C073FA60C986E8C1A7BD5EDF99EDFC6A
14:46:09.0081 3260 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - warning
14:46:09.0081 3260 MpKsldb75f26c - detected ForgedFile.Multi.Generic (1)
14:46:09.0093 3260 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:46:09.0114 3260 mpsdrv - ok
14:46:09.0145 3260 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:46:09.0196 3260 MpsSvc - ok
14:46:09.0223 3260 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:46:09.0234 3260 MRxDAV - ok
14:46:09.0265 3260 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:09.0301 3260 mrxsmb - ok
14:46:09.0332 3260 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:09.0346 3260 mrxsmb10 - ok
14:46:09.0360 3260 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:09.0387 3260 mrxsmb20 - ok
14:46:09.0413 3260 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
14:46:09.0423 3260 msahci - ok
14:46:09.0444 3260 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:46:09.0457 3260 msdsm - ok
14:46:09.0468 3260 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
14:46:09.0495 3260 MSDTC - ok
14:46:09.0526 3260 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:46:09.0554 3260 Msfs - ok
14:46:09.0571 3260 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:46:09.0595 3260 mshidkmdf - ok
14:46:09.0620 3260 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:46:09.0630 3260 msisadrv - ok
14:46:09.0656 3260 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:46:09.0691 3260 MSiSCSI - ok
14:46:09.0695 3260 msiserver - ok
14:46:09.0712 3260 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:46:09.0742 3260 MSKSSRV - ok
14:46:09.0805 3260 [ 1EE3643D1AA747222427F63353611AD7 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:46:09.0817 3260 MsMpSvc - ok
14:46:09.0833 3260 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:09.0856 3260 MSPCLOCK - ok
14:46:09.0869 3260 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:46:09.0892 3260 MSPQM - ok
14:46:09.0903 3260 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:46:09.0916 3260 MsRPC - ok
14:46:09.0933 3260 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:46:09.0944 3260 mssmbios - ok
14:46:09.0957 3260 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:46:09.0980 3260 MSTEE - ok
14:46:09.0993 3260 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:46:10.0016 3260 MTConfig - ok
14:46:10.0051 3260 [ 0F24624106D8042E7F27882D9D6FF5C0 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
14:46:10.0064 3260 MTsensor - ok
14:46:10.0078 3260 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
14:46:10.0088 3260 Mup - ok
14:46:10.0126 3260 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
14:46:10.0156 3260 napagent - ok
14:46:10.0183 3260 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:46:10.0209 3260 NativeWifiP - ok
14:46:10.0246 3260 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:46:10.0264 3260 NDIS - ok
14:46:10.0278 3260 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:46:10.0307 3260 NdisCap - ok
14:46:10.0326 3260 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:10.0359 3260 NdisTapi - ok
14:46:10.0391 3260 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:10.0427 3260 Ndisuio - ok
14:46:10.0447 3260 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:10.0477 3260 NdisWan - ok
14:46:10.0498 3260 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:46:10.0518 3260 NDProxy - ok
14:46:10.0542 3260 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:46:10.0578 3260 NetBIOS - ok
14:46:10.0604 3260 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:46:10.0641 3260 NetBT - ok
14:46:10.0652 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
14:46:10.0664 3260 Netlogon - ok
14:46:10.0693 3260 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
14:46:10.0731 3260 Netman - ok
14:46:10.0763 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0778 3260 NetMsmqActivator - ok
14:46:10.0804 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0817 3260 NetPipeActivator - ok
14:46:10.0836 3260 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
14:46:10.0872 3260 netprofm - ok
14:46:10.0882 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0896 3260 NetTcpActivator - ok
14:46:10.0901 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0917 3260 NetTcpPortSharing - ok
14:46:10.0934 3260 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:46:10.0944 3260 nfrd960 - ok
14:46:10.0992 3260 [ FCBC2F48430EB0D7150A6521C0B84ACA ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:46:11.0005 3260 NisDrv - ok
14:46:11.0030 3260 [ E4AA07F8BCBCB66EF115C443CD45C7A2 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:46:11.0048 3260 NisSrv - ok
14:46:11.0073 3260 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:46:11.0102 3260 NlaSvc - ok
14:46:11.0117 3260 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:46:11.0139 3260 Npfs - ok
14:46:11.0151 3260 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:46:11.0188 3260 nsi - ok
14:46:11.0206 3260 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:46:11.0242 3260 nsiproxy - ok
14:46:11.0287 3260 [ C8DFF8D07755A66C7A4A738930F0FEAC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:46:11.0314 3260 Ntfs - ok
14:46:11.0323 3260 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:46:11.0356 3260 Null - ok
14:46:11.0390 3260 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
14:46:11.0405 3260 NVENETFD - ok
14:46:11.0605 3260 [ FB20C4EE6242B71AB95A65AC2CE19161 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:46:11.0851 3260 nvlddmkm - ok
14:46:11.0879 3260 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
14:46:11.0893 3260 NVNET - ok
14:46:11.0926 3260 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:46:11.0938 3260 nvraid - ok
14:46:11.0966 3260 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
14:46:12.0001 3260 nvsmu - ok
14:46:12.0024 3260 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:46:12.0036 3260 nvstor - ok
14:46:12.0073 3260 [ E6A8ED576AB1DAF196E204BCF52DDA18 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:46:12.0104 3260 nvsvc - ok
14:46:12.0163 3260 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:46:12.0207 3260 nvUpdatusService - ok
14:46:12.0230 3260 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:46:12.0242 3260 nv_agp - ok
14:46:12.0312 3260 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:46:12.0340 3260 odserv - ok
14:46:12.0374 3260 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:46:12.0385 3260 ohci1394 - ok
14:46:12.0428 3260 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:46:12.0439 3260 ose - ok
14:46:12.0468 3260 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:46:12.0493 3260 p2pimsvc - ok
14:46:12.0520 3260 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:46:12.0547 3260 p2psvc - ok
14:46:12.0584 3260 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:46:12.0602 3260 Parport - ok
14:46:12.0630 3260 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:46:12.0643 3260 partmgr - ok
14:46:12.0657 3260 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:46:12.0678 3260 Parvdm - ok
14:46:12.0695 3260 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:46:12.0727 3260 PcaSvc - ok
14:46:12.0765 3260 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
14:46:12.0783 3260 pccsmcfd - ok
14:46:12.0799 3260 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
14:46:12.0813 3260 pci - ok
14:46:12.0845 3260 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
14:46:12.0855 3260 pciide - ok
14:46:12.0870 3260 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:46:12.0883 3260 pcmcia - ok
14:46:12.0899 3260 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:46:12.0911 3260 pcw - ok
14:46:12.0930 3260 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:46:12.0984 3260 PEAUTH - ok
14:46:13.0051 3260 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
14:46:13.0116 3260 pla - ok
14:46:13.0160 3260 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:46:13.0196 3260 PlugPlay - ok
14:46:13.0221 3260 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
14:46:13.0231 3260 PnkBstrA - ok
14:46:13.0259 3260 [ 5C2F5D26E2E8A13BF91DC4487162BCEB ] PnkBstrB C:\Windows\system32\PnkBstrB.exe
14:46:13.0271 3260 PnkBstrB - ok
14:46:13.0287 3260 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:46:13.0308 3260 PNRPAutoReg - ok
14:46:13.0326 3260 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:46:13.0339 3260 PNRPsvc - ok
14:46:13.0360 3260 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:46:13.0399 3260 PolicyAgent - ok
14:46:13.0433 3260 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
14:46:13.0457 3260 Power - ok
14:46:13.0477 3260 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:46:13.0510 3260 PptpMiniport - ok
14:46:13.0532 3260 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:46:13.0556 3260 Processor - ok
14:46:13.0575 3260 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\Windows\System32\drivers\prodrv06.sys
14:46:13.0597 3260 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0597 3260 prodrv06 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0626 3260 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
14:46:13.0651 3260 ProfSvc - ok
14:46:13.0667 3260 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\Windows\system32\drivers\prohlp02.sys
14:46:13.0685 3260 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0685 3260 prohlp02 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0710 3260 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\Windows\system32\drivers\prosync1.sys
14:46:13.0715 3260 prosync1 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0715 3260 prosync1 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0724 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:46:13.0735 3260 ProtectedStorage - ok
14:46:13.0750 3260 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:46:13.0789 3260 Psched - ok
14:46:13.0831 3260 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:46:13.0885 3260 ql2300 - ok
14:46:13.0903 3260 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:46:13.0915 3260 ql40xx - ok
14:46:13.0933 3260 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:46:13.0965 3260 QWAVE - ok
14:46:13.0983 3260 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:46:14.0007 3260 QWAVEdrv - ok
14:46:14.0025 3260 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:46:14.0047 3260 RasAcd - ok
14:46:14.0065 3260 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:46:14.0087 3260 RasAgileVpn - ok
14:46:14.0098 3260 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:46:14.0124 3260 RasAuto - ok
14:46:14.0133 3260 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:46:14.0159 3260 Rasl2tp - ok
14:46:14.0196 3260 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
14:46:14.0237 3260 RasMan - ok
14:46:14.0258 3260 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:46:14.0290 3260 RasPppoe - ok
14:46:14.0308 3260 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:46:14.0344 3260 RasSstp - ok
14:46:14.0372 3260 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:46:14.0396 3260 rdbss - ok
14:46:14.0410 3260 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:46:14.0421 3260 rdpbus - ok
14:46:14.0447 3260 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:46:14.0480 3260 RDPCDD - ok
14:46:14.0505 3260 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:46:14.0538 3260 RDPENCDD - ok
14:46:14.0560 3260 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:46:14.0594 3260 RDPREFMP - ok
14:46:14.0628 3260 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:46:14.0645 3260 RdpVideoMiniport - ok
14:46:14.0672 3260 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:46:14.0697 3260 RDPWD - ok
14:46:14.0722 3260 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:46:14.0738 3260 rdyboost - ok
14:46:14.0762 3260 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:46:14.0784 3260 RemoteAccess - ok
14:46:14.0798 3260 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:46:14.0823 3260 RemoteRegistry - ok
14:46:14.0845 3260 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:46:14.0871 3260 RFCOMM - ok
14:46:14.0891 3260 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
14:46:14.0921 3260 ROOTMODEM - ok
14:46:14.0941 3260 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:46:14.0965 3260 RpcEptMapper - ok
14:46:14.0986 3260 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:46:14.0997 3260 RpcLocator - ok
14:46:15.0035 3260 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
14:46:15.0062 3260 RpcSs - ok
14:46:15.0068 3260 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:46:15.0107 3260 rspndr - ok
14:46:15.0146 3260 [ 19A0B57164830DF3C699E3CC93F68E37 ] rt2870 C:\Windows\system32\DRIVERS\rt2870.sys
14:46:15.0199 3260 rt2870 - ok
14:46:15.0224 3260 RzKLService - ok
14:46:15.0244 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
14:46:15.0254 3260 SamSs - ok
14:46:15.0287 3260 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:46:15.0299 3260 sbp2port - ok
14:46:15.0320 3260 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:46:15.0353 3260 SCardSvr - ok
14:46:15.0368 3260 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:46:15.0389 3260 scfilter - ok
14:46:15.0429 3260 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
14:46:15.0471 3260 Schedule - ok
14:46:15.0500 3260 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:46:15.0521 3260 SCPolicySvc - ok
14:46:15.0553 3260 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:46:15.0591 3260 SDRSVC - ok
14:46:15.0661 3260 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:46:15.0675 3260 SeaPort - ok
14:46:15.0705 3260 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:46:15.0736 3260 secdrv - ok
14:46:15.0751 3260 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:46:15.0784 3260 seclogon - ok
14:46:15.0801 3260 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
14:46:15.0831 3260 SENS - ok
14:46:15.0841 3260 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:46:15.0856 3260 SensrSvc - ok
14:46:15.0872 3260 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:46:15.0908 3260 Serenum - ok
14:46:15.0930 3260 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:46:15.0943 3260 Serial - ok
14:46:15.0968 3260 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:46:15.0991 3260 sermouse - ok
14:46:16.0063 3260 [ 3EC8DE67B1C78C31E54C0F030E6BD7D5 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
14:46:16.0096 3260 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0097 3260 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
14:46:16.0141 3260 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
14:46:16.0178 3260 SessionEnv - ok
14:46:16.0205 3260 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys
14:46:16.0223 3260 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0223 3260 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0250 3260 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:46:16.0266 3260 sffdisk - ok
14:46:16.0280 3260 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:46:16.0354 3260 sffp_mmc - ok
14:46:16.0367 3260 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:46:16.0387 3260 sffp_sd - ok
14:46:16.0404 3260 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\Windows\system32\drivers\sfhlp01.sys
14:46:16.0421 3260 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0421 3260 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0439 3260 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys
14:46:16.0443 3260 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0443 3260 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0471 3260 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:46:16.0489 3260 sfloppy - ok
14:46:16.0508 3260 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys
14:46:16.0515 3260 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0515 3260 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0538 3260 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:46:16.0578 3260 SharedAccess - ok
14:46:16.0634 3260 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:46:16.0667 3260 ShellHWDetection - ok
14:46:16.0721 3260 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:46:16.0731 3260 sisagp - ok
14:46:16.0748 3260 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:46:16.0759 3260 SiSRaid2 - ok
14:46:16.0769 3260 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:46:16.0780 3260 SiSRaid4 - ok
14:46:16.0800 3260 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:46:16.0833 3260 Smb - ok
14:46:16.0868 3260 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:46:16.0890 3260 SNMPTRAP - ok
14:46:16.0910 3260 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:46:16.0920 3260 spldr - ok
14:46:16.0945 3260 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
14:46:16.0970 3260 Spooler - ok
14:46:17.0045 3260 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
14:46:17.0139 3260 sppsvc - ok
14:46:17.0161 3260 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:46:17.0201 3260 sppuinotify - ok
14:46:17.0248 3260 [ CBEAEA2729985BFB260641AB424E0166 ] sptd C:\Windows\System32\Drivers\sptd.sys
14:46:17.0265 3260 sptd - ok
14:46:17.0298 3260 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:46:17.0340 3260 srv - ok
14:46:17.0353 3260 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:46:17.0367 3260 srv2 - ok
14:46:17.0379 3260 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:46:17.0403 3260 srvnet - ok
14:46:17.0427 3260 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:46:17.0465 3260 SSDPSRV - ok
14:46:17.0481 3260 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:46:17.0513 3260 SstpSvc - ok
14:46:17.0539 3260 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
14:46:17.0550 3260 ss_bbus - ok
14:46:17.0562 3260 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
14:46:17.0572 3260 ss_bmdfl - ok
14:46:17.0586 3260 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
14:46:17.0597 3260 ss_bmdm - ok
14:46:17.0608 3260 [ 994D2E5378CC337EC7DD73C1E04FCAA4 ] ss_bserd C:\Windows\system32\DRIVERS\ss_bserd.sys
14:46:17.0620 3260 ss_bserd - ok
14:46:17.0634 3260 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:46:17.0645 3260 stexstor - ok
14:46:17.0680 3260 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
14:46:17.0699 3260 StiSvc - ok
14:46:17.0731 3260 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
14:46:17.0744 3260 swenum - ok
14:46:17.0758 3260 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:46:17.0803 3260 swprv - ok
14:46:17.0839 3260 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
14:46:17.0896 3260 SysMain - ok
14:46:17.0923 3260 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:46:17.0938 3260 TabletInputService - ok
14:46:17.0961 3260 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
14:46:17.0995 3260 TapiSrv - ok
14:46:18.0006 3260 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:46:18.0046 3260 TBS - ok
14:46:18.0085 3260 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:46:18.0112 3260 Tcpip - ok
14:46:18.0151 3260 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:46:18.0179 3260 TCPIP6 - ok
14:46:18.0214 3260 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:46:18.0224 3260 tcpipreg - ok
14:46:18.0260 3260 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:46:18.0283 3260 TDPIPE - ok
14:46:18.0303 3260 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:46:18.0316 3260 TDTCP - ok
14:46:18.0345 3260 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:46:18.0366 3260 tdx - ok
14:46:18.0380 3260 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:46:18.0391 3260 TermDD - ok
14:46:18.0429 3260 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
14:46:18.0456 3260 TermService - ok
14:46:18.0468 3260 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:46:18.0483 3260 Themes - ok
14:46:18.0498 3260 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:46:18.0522 3260 THREADORDER - ok
14:46:18.0541 3260 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:46:18.0565 3260 TrkWks - ok
14:46:18.0603 3260 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:46:18.0625 3260 TrustedInstaller - ok
14:46:18.0658 3260 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:46:18.0668 3260 tssecsrv - ok
14:46:18.0695 3260 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:46:18.0726 3260 TsUsbFlt - ok
14:46:18.0758 3260 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:46:18.0792 3260 tunnel - ok
14:46:18.0807 3260 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:46:18.0817 3260 uagp35 - ok
14:46:18.0850 3260 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:46:18.0874 3260 udfs - ok
14:46:18.0894 3260 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:46:18.0908 3260 UI0Detect - ok
14:46:18.0968 3260 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
14:46:18.0981 3260 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
14:46:18.0982 3260 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
14:46:18.0998 3260 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:46:19.0009 3260 uliagpkx - ok
14:46:19.0035 3260 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
14:46:19.0046 3260 umbus - ok
14:46:19.0056 3260 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:46:19.0078 3260 UmPass - ok
14:46:19.0095 3260 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:46:19.0121 3260 upnphost - ok
14:46:19.0145 3260 [ 0803FBA9FE829D61AE26EC0BCC910C46 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:46:19.0174 3260 usbccgp - ok
14:46:19.0198 3260 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:46:19.0217 3260 usbcir - ok
14:46:19.0237 3260 [ D40855F89B69305140BBD7E9A3BA2DA6 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:46:19.0259 3260 usbehci - ok
14:46:19.0300 3260 [ EDF2DF71C4F1E13A6AC75F5224DE655A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:46:19.0328 3260 usbhub - ok
14:46:19.0333 3260 [ 9828C8D14CC2676421778F0DE638CF97 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:46:19.0352 3260 usbohci - ok
14:46:19.0365 3260 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:46:19.0389 3260 usbprint - ok
14:46:19.0416 3260 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:46:19.0440 3260 USBSTOR - ok
14:46:19.0457 3260 [ 800AABFD625EEFF899F7E5496BDE37AB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:46:19.0468 3260 usbuhci - ok
14:46:19.0486 3260 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:46:19.0525 3260 UxSms - ok
14:46:19.0544 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] VaultSvc C:\Windows\system32\lsass.exe
14:46:19.0554 3260 VaultSvc - ok
14:46:19.0562 3260 VComm - ok
14:46:19.0573 3260 VcommMgr - ok
14:46:19.0596 3260 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:46:19.0607 3260 vdrvroot - ok
14:46:19.0640 3260 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
14:46:19.0689 3260 vds - ok
14:46:19.0702 3260 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:19.0715 3260 vga - ok
14:46:19.0729 3260 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:46:19.0765 3260 VgaSave - ok
14:46:19.0786 3260 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:46:19.0799 3260 vhdmp - ok
14:46:19.0826 3260 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:46:19.0844 3260 viaagp - ok
14:46:19.0861 3260 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:46:19.0880 3260 ViaC7 - ok
14:46:19.0916 3260 [ 4906E025DD6B322C4BBD6B9E35C9993A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:46:19.0960 3260 VIAHdAudAddService - ok
14:46:19.0985 3260 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
14:46:19.0999 3260 viaide - ok
14:46:20.0017 3260 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:46:20.0029 3260 volmgr - ok
14:46:20.0045 3260 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:46:20.0060 3260 volmgrx - ok
14:46:20.0094 3260 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:46:20.0108 3260 volsnap - ok
14:46:20.0135 3260 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:46:20.0153 3260 vsmraid - ok
14:46:20.0196 3260 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
14:46:20.0258 3260 VSS - ok
14:46:20.0297 3260 vToolbarUpdater13.2.0 - ok
14:46:20.0322 3260 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:46:20.0344 3260 vwifibus - ok
14:46:20.0363 3260 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:46:20.0381 3260 vwififlt - ok
14:46:20.0409 3260 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:46:20.0435 3260 W32Time - ok
14:46:20.0459 3260 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:46:20.0483 3260 WacomPen - ok
14:46:20.0513 3260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:46:20.0546 3260 WANARP - ok
14:46:20.0550 3260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:46:20.0572 3260 Wanarpv6 - ok
14:46:20.0636 3260 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:46:20.0684 3260 WatAdminSvc - ok
14:46:20.0713 3260 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
14:46:20.0760 3260 wbengine - ok
14:46:20.0776 3260 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:46:20.0808 3260 WbioSrvc - ok
14:46:20.0835 3260 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:46:20.0867 3260 wcncsvc - ok
14:46:20.0881 3260 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:46:20.0911 3260 WcsPlugInService - ok
14:46:20.0924 3260 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:46:20.0936 3260 Wd - ok
14:46:20.0973 3260 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:46:21.0005 3260 Wdf01000 - ok
14:46:21.0020 3260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:46:21.0086 3260 WdiServiceHost - ok
14:46:21.0091 3260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:46:21.0107 3260 WdiSystemHost - ok
14:46:21.0138 3260 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\Windows\System32\webclnt.dll
14:46:21.0153 3260 WebClient - ok
14:46:21.0164 3260 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:46:21.0207 3260 Wecsvc - ok
14:46:21.0228 3260 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:46:21.0266 3260 wercplsupport - ok
14:46:21.0293 3260 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:46:21.0325 3260 WerSvc - ok
14:46:21.0348 3260 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:46:21.0373 3260 WfpLwf - ok
14:46:21.0388 3260 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:46:21.0398 3260 WIMMount - ok
14:46:21.0441 3260 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:46:21.0486 3260 WinDefend - ok
14:46:21.0507 3260 WinHttpAutoProxySvc - ok
14:46:21.0546 3260 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:46:21.0586 3260 Winmgmt - ok
14:46:21.0626 3260 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
14:46:21.0695 3260 WinRM - ok
14:46:21.0728 3260 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:46:21.0742 3260 WinUsb - ok
14:46:21.0774 3260 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:46:21.0809 3260 Wlansvc - ok
14:46:21.0874 3260 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:46:21.0937 3260 wlidsvc - ok
14:46:21.0956 3260 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:46:21.0967 3260 WmiAcpi - ok
14:46:21.0995 3260 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:46:22.0021 3260 wmiApSrv - ok
14:46:22.0060 3260 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:46:22.0129 3260 WMPNetworkSvc - ok
14:46:22.0143 3260 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:46:22.0159 3260 WPCSvc - ok
14:46:22.0184 3260 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:46:22.0197 3260 WPDBusEnum - ok
14:46:22.0223 3260 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:46:22.0270 3260 ws2ifsl - ok
14:46:22.0296 3260 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
14:46:22.0327 3260 wscsvc - ok
14:46:22.0331 3260 WSearch - ok
14:46:22.0395 3260 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:46:22.0459 3260 wuauserv - ok
14:46:22.0478 3260 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:46:22.0500 3260 WudfPf - ok
14:46:22.0525 3260 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:46:22.0564 3260 WUDFRd - ok
14:46:22.0595 3260 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:46:22.0624 3260 wudfsvc - ok
14:46:22.0656 3260 [ 7CC38741B8F68F1E0D5D79DA6123666A ] WwanSvc C:\Windows\System32\wwansvc.dll
14:46:22.0700 3260 WwanSvc - ok
14:46:22.0724 3260 [ B8B466103280E45E391E876F05122607 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:46:22.0740 3260 ZTEusbmdm6k - ok
14:46:22.0758 3260 [ 911BA85906BC7602C73441502ABFB565 ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
14:46:22.0790 3260 ZTEusbnet - ok
14:46:22.0806 3260 [ 69774B89725DDC4781E0EEB9809F3B20 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:46:22.0852 3260 ZTEusbnmea - ok
14:46:22.0870 3260 [ B8B466103280E45E391E876F05122607 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:46:22.0881 3260 ZTEusbser6k - ok
14:46:22.0948 3260 ================ Scan global ===============================
14:46:22.0982 3260 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:46:23.0009 3260 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
14:46:23.0026 3260 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
14:46:23.0044 3260 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:46:23.0059 3260 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:46:23.0062 3260 [Global] - ok
14:46:23.0062 3260 ================ Scan MBR ==================================
14:46:23.0074 3260 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:46:23.0284 3260 \Device\Harddisk0\DR0 - ok
14:46:23.0285 3260 ================ Scan VBR ==================================
14:46:23.0290 3260 [ 639291F392D7170874044FF51B4B4000 ] \Device\Harddisk0\DR0\Partition1
14:46:23.0292 3260 \Device\Harddisk0\DR0\Partition1 - ok
14:46:23.0317 3260 [ 61D4F4EC581A0C8980D1E2AF7662CAB4 ] \Device\Harddisk0\DR0\Partition2
14:46:23.0326 3260 \Device\Harddisk0\DR0\Partition2 - ok
14:46:23.0327 3260 ============================================================
14:46:23.0327 3260 Scan finished
14:46:23.0327 3260 ============================================================
14:46:23.0342 3224 Detected object count: 14
14:46:23.0342 3224 Actual detected object count: 14
14:46:37.0929 3224 ENTECH ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0929 3224 ENTECH ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0932 3224 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0932 3224 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0935 3224 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0935 3224 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0938 3224 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0938 3224 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0943 3224 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - skipped by user
14:46:37.0943 3224 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - User select action: Skip
14:46:37.0945 3224 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0945 3224 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0948 3224 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0948 3224 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0951 3224 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0951 3224 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0953 3224 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0954 3224 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0957 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0957 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0960 3224 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0960 3224 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0962 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0963 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0965 3224 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0965 3224 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0968 3224 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0968 3224 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:50.0711 3160 Deinitialize success

U Malwarebytes Anti-Rootkit to žádnou infekci nenašlo.

Zde je log z TDSSKiller :

14:45:27.0079 3408 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:45:36.0298 3408 ============================================================
14:45:36.0298 3408 Current date / time: 2014/04/21 14:45:36.0298
14:45:36.0298 3408 SystemInfo:
14:45:36.0298 3408
14:45:36.0298 3408 OS Version: 6.1.7601 ServicePack: 1.0
14:45:36.0298 3408 Product type: Workstation
14:45:36.0298 3408 ComputerName: JAKUB-PC
14:45:36.0298 3408 UserName: Jakub
14:45:36.0298 3408 Windows directory: C:\Windows
14:45:36.0298 3408 System windows directory: C:\Windows
14:45:36.0298 3408 Processor architecture: Intel x86
14:45:36.0298 3408 Number of processors: 2
14:45:36.0298 3408 Page size: 0x1000
14:45:36.0298 3408 Boot type: Normal boot
14:45:36.0298 3408 ============================================================
14:45:37.0191 3408 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:45:37.0192 3408 ============================================================
14:45:37.0192 3408 \Device\Harddisk0\DR0:
14:45:37.0193 3408 MBR partitions:
14:45:37.0193 3408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10D800
14:45:37.0193 3408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10E000, BlocksNum 0x4A749800
14:45:37.0193 3408 ============================================================
14:45:37.0218 3408 C: <-> \Device\Harddisk0\DR0\Partition2
14:45:37.0218 3408 ============================================================
14:45:37.0218 3408 Initialize success
14:45:37.0218 3408 ============================================================
14:45:57.0911 3260 ============================================================
14:45:57.0911 3260 Scan started
14:45:57.0911 3260 Mode: Manual; SigCheck; TDLFS;
14:45:57.0911 3260 ============================================================
14:45:58.0158 3260 ================ Scan system memory ========================
14:45:58.0158 3260 System memory - ok
14:45:58.0159 3260 ================ Scan services =============================
14:45:58.0338 3260 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:45:58.0413 3260 1394ohci - ok
14:45:58.0425 3260 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:45:58.0440 3260 ACPI - ok
14:45:58.0471 3260 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:45:58.0536 3260 AcpiPmi - ok
14:45:58.0561 3260 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:45:58.0580 3260 adp94xx - ok
14:45:58.0598 3260 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:45:58.0613 3260 adpahci - ok
14:45:58.0625 3260 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:45:58.0638 3260 adpu320 - ok
14:45:58.0667 3260 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:45:58.0716 3260 AeLookupSvc - ok
14:45:58.0749 3260 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
14:45:58.0789 3260 AFD - ok
14:45:58.0802 3260 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
14:45:58.0812 3260 agp440 - ok
14:45:58.0825 3260 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
14:45:58.0837 3260 aic78xx - ok
14:45:58.0853 3260 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
14:45:58.0894 3260 ALG - ok
14:45:58.0919 3260 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
14:45:58.0929 3260 aliide - ok
14:45:58.0938 3260 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:45:58.0948 3260 amdagp - ok
14:45:58.0965 3260 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
14:45:58.0975 3260 amdide - ok
14:45:58.0983 3260 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:45:59.0015 3260 AmdK8 - ok
14:45:59.0032 3260 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:45:59.0084 3260 AmdPPM - ok
14:45:59.0111 3260 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:45:59.0123 3260 amdsata - ok
14:45:59.0135 3260 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:45:59.0149 3260 amdsbs - ok
14:45:59.0181 3260 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:45:59.0190 3260 amdxata - ok
14:45:59.0218 3260 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
14:45:59.0318 3260 AppID - ok
14:45:59.0359 3260 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:45:59.0398 3260 AppIDSvc - ok
14:45:59.0426 3260 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
14:45:59.0451 3260 Appinfo - ok
14:45:59.0469 3260 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:45:59.0481 3260 arc - ok
14:45:59.0492 3260 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:45:59.0504 3260 arcsas - ok
14:45:59.0524 3260 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\Windows\system32\drivers\AsIO.sys
14:45:59.0539 3260 AsIO - ok
14:45:59.0628 3260 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:45:59.0641 3260 aspnet_state - ok
14:45:59.0662 3260 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:45:59.0755 3260 AsyncMac - ok
14:45:59.0782 3260 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
14:45:59.0792 3260 atapi - ok
14:45:59.0847 3260 [ D64603DF38B6F6A967B8FE52B59D07AB ] athur C:\Windows\system32\DRIVERS\athur.sys
14:45:59.0916 3260 athur - ok
14:45:59.0949 3260 [ 547F07839F71A4357A5E503646CAC2B0 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
14:45:59.0959 3260 atksgt - ok
14:45:59.0989 3260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:46:00.0018 3260 AudioEndpointBuilder - ok
14:46:00.0029 3260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:46:00.0057 3260 Audiosrv - ok
14:46:00.0095 3260 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:46:00.0141 3260 AxInstSV - ok
14:46:00.0170 3260 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
14:46:00.0212 3260 b06bdrv - ok
14:46:00.0239 3260 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:46:00.0269 3260 b57nd60x - ok
14:46:00.0295 3260 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
14:46:00.0344 3260 BDESVC - ok
14:46:00.0359 3260 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
14:46:00.0392 3260 Beep - ok
14:46:00.0433 3260 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
14:46:00.0489 3260 BFE - ok
14:46:00.0517 3260 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
14:46:00.0545 3260 BITS - ok
14:46:00.0557 3260 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:00.0581 3260 blbdrive - ok
14:46:00.0594 3260 BlueletAudio - ok
14:46:00.0601 3260 BlueletSCOAudio - ok
14:46:00.0633 3260 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:46:00.0665 3260 bowser - ok
14:46:00.0677 3260 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:00.0726 3260 BrFiltLo - ok
14:46:00.0740 3260 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:00.0795 3260 BrFiltUp - ok
14:46:00.0831 3260 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:46:00.0864 3260 BridgeMP - ok
14:46:00.0892 3260 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
14:46:00.0937 3260 Browser - ok
14:46:00.0958 3260 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:46:00.0991 3260 Brserid - ok
14:46:01.0007 3260 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:01.0035 3260 BrSerWdm - ok
14:46:01.0055 3260 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:01.0074 3260 BrUsbMdm - ok
14:46:01.0095 3260 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:01.0125 3260 BrUsbSer - ok
14:46:01.0135 3260 BT - ok
14:46:01.0149 3260 Btcsrusb - ok
14:46:01.0182 3260 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:46:01.0218 3260 BthEnum - ok
14:46:01.0222 3260 BTHidEnum - ok
14:46:01.0231 3260 BTHidMgr - ok
14:46:01.0256 3260 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:01.0284 3260 BTHMODEM - ok
14:46:01.0311 3260 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:46:01.0342 3260 BthPan - ok
14:46:01.0366 3260 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:46:01.0397 3260 BTHPORT - ok
14:46:01.0424 3260 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
14:46:01.0462 3260 bthserv - ok
14:46:01.0492 3260 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:46:01.0516 3260 BTHUSB - ok
14:46:01.0632 3260 [ BE531939BB6D153DB63DBBFBD398A713 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
14:46:01.0681 3260 c2cautoupdatesvc - ok
14:46:01.0725 3260 [ 33E9F08F675EF94633C8EF8A7C4EADF3 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
14:46:01.0784 3260 c2cpnrsvc - ok
14:46:01.0831 3260 catchme - ok
14:46:01.0851 3260 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:46:01.0882 3260 cdfs - ok
14:46:01.0919 3260 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:46:01.0932 3260 cdrom - ok
14:46:01.0959 3260 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
14:46:01.0993 3260 CertPropSvc - ok
14:46:02.0007 3260 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:46:02.0031 3260 circlass - ok
14:46:02.0062 3260 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
14:46:02.0076 3260 CLFS - ok
14:46:02.0115 3260 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:46:02.0125 3260 clr_optimization_v2.0.50727_32 - ok
14:46:02.0154 3260 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:46:02.0168 3260 clr_optimization_v4.0.30319_32 - ok
14:46:02.0179 3260 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:46:02.0201 3260 CmBatt - ok
14:46:02.0220 3260 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:46:02.0230 3260 cmdide - ok
14:46:02.0262 3260 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
14:46:02.0283 3260 CNG - ok
14:46:02.0294 3260 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:46:02.0305 3260 Compbatt - ok
14:46:02.0326 3260 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:46:02.0354 3260 CompositeBus - ok
14:46:02.0360 3260 COMSysApp - ok
14:46:02.0381 3260 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:46:02.0391 3260 crcdisk - ok
14:46:02.0433 3260 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:46:02.0469 3260 CryptSvc - ok
14:46:02.0510 3260 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
14:46:02.0545 3260 DcomLaunch - ok
14:46:02.0571 3260 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
14:46:02.0607 3260 defragsvc - ok
14:46:02.0638 3260 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:46:02.0677 3260 DfsC - ok
14:46:02.0702 3260 [ 4F63FF698DC72EC2EC0262427F8B53CB ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
14:46:02.0711 3260 dgderdrv - ok
14:46:02.0729 3260 [ AEE4ADEFC56BF0ED1F80A37B1C3848D0 ] dgdersvc C:\Windows\system32\dgdersvc.exe
14:46:02.0742 3260 dgdersvc - ok
14:46:02.0778 3260 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:46:02.0810 3260 Dhcp - ok
14:46:02.0825 3260 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
14:46:02.0859 3260 discache - ok
14:46:02.0899 3260 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:46:02.0909 3260 Disk - ok
14:46:02.0931 3260 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:46:02.0966 3260 Dnscache - ok
14:46:02.0992 3260 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
14:46:03.0026 3260 dot3svc - ok
14:46:03.0054 3260 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
14:46:03.0077 3260 DPS - ok
14:46:03.0095 3260 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:46:03.0125 3260 drmkaud - ok
14:46:03.0164 3260 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:46:03.0185 3260 DXGKrnl - ok
14:46:03.0195 3260 EagleNT - ok
14:46:03.0219 3260 EagleXNt - ok
14:46:03.0247 3260 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
14:46:03.0271 3260 EapHost - ok
14:46:03.0353 3260 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
14:46:03.0454 3260 ebdrv - ok
14:46:03.0486 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
14:46:03.0515 3260 EFS - ok
14:46:03.0567 3260 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:46:03.0630 3260 ehRecvr - ok
14:46:03.0648 3260 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
14:46:03.0679 3260 ehSched - ok
14:46:03.0713 3260 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:46:03.0731 3260 elxstor - ok
14:46:03.0769 3260 [ FD9FC82F134B1C91004FFC76A5AE494B ] ENTECH C:\Windows\system32\DRIVERS\ENTECH.sys
14:46:03.0787 3260 ENTECH ( UnsignedFile.Multi.Generic ) - warning
14:46:03.0787 3260 ENTECH - detected UnsignedFile.Multi.Generic (1)
14:46:03.0815 3260 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:46:03.0838 3260 ErrDev - ok
14:46:03.0876 3260 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
14:46:03.0914 3260 EventSystem - ok
14:46:03.0947 3260 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:46:03.0981 3260 ew_hwusbdev - ok
14:46:04.0022 3260 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:46:04.0052 3260 ew_usbenumfilter - ok
14:46:04.0065 3260 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
14:46:04.0097 3260 exfat - ok
14:46:04.0114 3260 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:46:04.0156 3260 fastfat - ok
14:46:04.0197 3260 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
14:46:04.0251 3260 Fax - ok
14:46:04.0269 3260 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:46:04.0292 3260 fdc - ok
14:46:04.0312 3260 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
14:46:04.0346 3260 fdPHost - ok
14:46:04.0359 3260 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
14:46:04.0397 3260 FDResPub - ok
14:46:04.0415 3260 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:46:04.0426 3260 FileInfo - ok
14:46:04.0435 3260 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:46:04.0466 3260 Filetrace - ok
14:46:04.0532 3260 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:46:04.0572 3260 FLEXnet Licensing Service - ok
14:46:04.0583 3260 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:46:04.0594 3260 flpydisk - ok
14:46:04.0607 3260 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:46:04.0619 3260 FltMgr - ok
14:46:04.0665 3260 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
14:46:04.0704 3260 FontCache - ok
14:46:04.0745 3260 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:46:04.0753 3260 FontCache3.0.0.0 - ok
14:46:04.0770 3260 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:46:04.0782 3260 FsDepends - ok
14:46:04.0828 3260 [ 2ED0BABD4CD98ED820FD0D0BCBE96721 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:46:04.0842 3260 fssfltr - ok
14:46:04.0947 3260 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
14:46:04.0995 3260 fsssvc - ok
14:46:05.0045 3260 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
14:46:05.0069 3260 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
14:46:05.0069 3260 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
14:46:05.0096 3260 [ F96C429788350DB4BA6771C3034DFD88 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
14:46:05.0116 3260 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
14:46:05.0116 3260 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
14:46:05.0144 3260 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:46:05.0153 3260 Fs_Rec - ok
14:46:05.0185 3260 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:46:05.0202 3260 fvevol - ok
14:46:05.0222 3260 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:46:05.0233 3260 gagp30kx - ok
14:46:05.0258 3260 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
14:46:05.0267 3260 ggflt - ok
14:46:05.0284 3260 GGSAFERDriver - ok
14:46:05.0311 3260 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
14:46:05.0322 3260 ggsemc - ok
14:46:05.0358 3260 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
14:46:05.0416 3260 gpsvc - ok
14:46:05.0501 3260 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cac9dd563a9e30 C:\Program Files\Google\Update\GoogleUpdate.exe
14:46:05.0511 3260 gupdate1cac9dd563a9e30 - ok
14:46:05.0534 3260 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:46:05.0544 3260 gupdatem - ok
14:46:05.0570 3260 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
14:46:05.0580 3260 hamachi - ok
14:46:05.0594 3260 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:46:05.0632 3260 hcw85cir - ok
14:46:05.0665 3260 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:46:05.0682 3260 HdAudAddService - ok
14:46:05.0696 3260 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:46:05.0722 3260 HDAudBus - ok
14:46:05.0736 3260 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:46:05.0767 3260 HidBatt - ok
14:46:05.0781 3260 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:46:05.0805 3260 HidBth - ok
14:46:05.0833 3260 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:46:05.0854 3260 HidIr - ok
14:46:05.0872 3260 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
14:46:05.0905 3260 hidserv - ok
14:46:05.0938 3260 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:46:05.0980 3260 HidUsb - ok
14:46:06.0001 3260 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:46:06.0033 3260 hkmsvc - ok
14:46:06.0054 3260 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:46:06.0094 3260 HomeGroupListener - ok
14:46:06.0130 3260 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:46:06.0172 3260 HomeGroupProvider - ok
14:46:06.0202 3260 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:46:06.0213 3260 HpSAMD - ok
14:46:06.0250 3260 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:46:06.0288 3260 HTTP - ok
14:46:06.0337 3260 [ 2EB6C536E63C1047577DA6BF6C154E54 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
14:46:06.0380 3260 huawei_cdcacm - ok
14:46:06.0407 3260 [ 033CF42B457366CFA1F8C669C5E30233 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:46:06.0447 3260 huawei_enumerator - ok
14:46:06.0470 3260 [ 37CD1813D0A20B3199E9E904935B725D ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
14:46:06.0491 3260 huawei_ext_ctrl - ok
14:46:06.0515 3260 [ DBB03D622BD258FB88186F70C2482583 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
14:46:06.0552 3260 huawei_wwanecm - ok
14:46:06.0577 3260 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:46:06.0587 3260 hwpolicy - ok
14:46:06.0614 3260 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:46:06.0625 3260 i8042prt - ok
14:46:06.0669 3260 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:46:06.0684 3260 iaStorV - ok
14:46:06.0768 3260 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:46:06.0782 3260 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:46:06.0782 3260 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:46:06.0832 3260 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:46:06.0864 3260 idsvc - ok
14:46:06.0881 3260 IEEtwCollectorService - ok
14:46:06.0899 3260 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:46:06.0909 3260 iirsp - ok
14:46:06.0953 3260 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
14:46:06.0992 3260 IKEEXT - ok
14:46:07.0023 3260 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
14:46:07.0033 3260 intelide - ok
14:46:07.0049 3260 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:46:07.0067 3260 intelppm - ok
14:46:07.0092 3260 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:46:07.0129 3260 IPBusEnum - ok
14:46:07.0150 3260 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:46:07.0180 3260 IpFilterDriver - ok
14:46:07.0213 3260 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:46:07.0244 3260 iphlpsvc - ok
14:46:07.0270 3260 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:46:07.0292 3260 IPMIDRV - ok
14:46:07.0307 3260 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:46:07.0342 3260 IPNAT - ok
14:46:07.0360 3260 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:46:07.0400 3260 IRENUM - ok
14:46:07.0409 3260 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:46:07.0421 3260 isapnp - ok
14:46:07.0451 3260 [ EB34CE31FABD4DC4343FD2AD16D2CAF9 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:46:07.0465 3260 iScsiPrt - ok
14:46:07.0495 3260 [ 994EBB45C4B438E1F6EA0B958AE9B9A3 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
14:46:07.0506 3260 ivusb - ok
14:46:07.0535 3260 [ FE8300320281D658A7854D5CFC02A63F ] k750bus C:\Windows\system32\DRIVERS\k750bus.sys
14:46:07.0550 3260 k750bus - ok
14:46:07.0570 3260 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:46:07.0580 3260 kbdclass - ok
14:46:07.0609 3260 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:46:07.0630 3260 kbdhid - ok
14:46:07.0644 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
14:46:07.0655 3260 KeyIso - ok
14:46:07.0680 3260 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:46:07.0692 3260 KSecDD - ok
14:46:07.0708 3260 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:46:07.0719 3260 KSecPkg - ok
14:46:07.0736 3260 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
14:46:07.0763 3260 KtmRm - ok
14:46:07.0791 3260 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
14:46:07.0826 3260 LanmanServer - ok
14:46:07.0855 3260 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:46:07.0893 3260 LanmanWorkstation - ok
14:46:07.0935 3260 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
14:46:07.0944 3260 lirsgt - ok
14:46:08.0052 3260 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
14:46:08.0087 3260 LiveUpdateSvc - ok
14:46:08.0118 3260 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:46:08.0153 3260 lltdio - ok
14:46:08.0177 3260 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:46:08.0213 3260 lltdsvc - ok
14:46:08.0220 3260 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
14:46:08.0242 3260 lmhosts - ok
14:46:08.0269 3260 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:46:08.0280 3260 LSI_FC - ok
14:46:08.0292 3260 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:46:08.0304 3260 LSI_SAS - ok
14:46:08.0319 3260 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:46:08.0329 3260 LSI_SAS2 - ok
14:46:08.0341 3260 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:46:08.0354 3260 LSI_SCSI - ok
14:46:08.0373 3260 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
14:46:08.0405 3260 luafv - ok
14:46:08.0436 3260 [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys
14:46:08.0475 3260 massfilter - ok
14:46:08.0509 3260 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:46:08.0521 3260 Mcx2Svc - ok
14:46:08.0537 3260 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:46:08.0547 3260 megasas - ok
14:46:08.0567 3260 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:46:08.0582 3260 MegaSR - ok
14:46:08.0645 3260 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:46:08.0654 3260 Microsoft Office Groove Audit Service - ok
14:46:08.0689 3260 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
14:46:08.0723 3260 MMCSS - ok
14:46:08.0739 3260 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
14:46:08.0761 3260 Modem - ok
14:46:08.0780 3260 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:46:08.0805 3260 monitor - ok
14:46:08.0829 3260 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:46:08.0839 3260 mouclass - ok
14:46:08.0862 3260 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:46:08.0879 3260 mouhid - ok
14:46:08.0903 3260 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:46:08.0914 3260 mountmgr - ok
14:46:08.0958 3260 [ 8072A7BB35D92CC621AC2605EEF79BC4 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:46:08.0975 3260 MpFilter - ok
14:46:08.0989 3260 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
14:46:09.0002 3260 mpio - ok
14:46:09.0080 3260 [ 65C34426C83EFA32D48380A97717997B ] MpKsldb75f26c c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys
14:46:09.0080 3260 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys. Real md5: 65C34426C83EFA32D48380A97717997B, Fake md5: C073FA60C986E8C1A7BD5EDF99EDFC6A
14:46:09.0081 3260 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - warning
14:46:09.0081 3260 MpKsldb75f26c - detected ForgedFile.Multi.Generic (1)
14:46:09.0093 3260 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:46:09.0114 3260 mpsdrv - ok
14:46:09.0145 3260 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:46:09.0196 3260 MpsSvc - ok
14:46:09.0223 3260 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:46:09.0234 3260 MRxDAV - ok
14:46:09.0265 3260 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:09.0301 3260 mrxsmb - ok
14:46:09.0332 3260 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:09.0346 3260 mrxsmb10 - ok
14:46:09.0360 3260 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:09.0387 3260 mrxsmb20 - ok
14:46:09.0413 3260 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
14:46:09.0423 3260 msahci - ok
14:46:09.0444 3260 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:46:09.0457 3260 msdsm - ok
14:46:09.0468 3260 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
14:46:09.0495 3260 MSDTC - ok
14:46:09.0526 3260 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:46:09.0554 3260 Msfs - ok
14:46:09.0571 3260 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:46:09.0595 3260 mshidkmdf - ok
14:46:09.0620 3260 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:46:09.0630 3260 msisadrv - ok
14:46:09.0656 3260 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:46:09.0691 3260 MSiSCSI - ok
14:46:09.0695 3260 msiserver - ok
14:46:09.0712 3260 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:46:09.0742 3260 MSKSSRV - ok
14:46:09.0805 3260 [ 1EE3643D1AA747222427F63353611AD7 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:46:09.0817 3260 MsMpSvc - ok
14:46:09.0833 3260 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:09.0856 3260 MSPCLOCK - ok
14:46:09.0869 3260 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:46:09.0892 3260 MSPQM - ok
14:46:09.0903 3260 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:46:09.0916 3260 MsRPC - ok
14:46:09.0933 3260 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:46:09.0944 3260 mssmbios - ok
14:46:09.0957 3260 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:46:09.0980 3260 MSTEE - ok
14:46:09.0993 3260 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:46:10.0016 3260 MTConfig - ok
14:46:10.0051 3260 [ 0F24624106D8042E7F27882D9D6FF5C0 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
14:46:10.0064 3260 MTsensor - ok
14:46:10.0078 3260 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
14:46:10.0088 3260 Mup - ok
14:46:10.0126 3260 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
14:46:10.0156 3260 napagent - ok
14:46:10.0183 3260 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:46:10.0209 3260 NativeWifiP - ok
14:46:10.0246 3260 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:46:10.0264 3260 NDIS - ok
14:46:10.0278 3260 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:46:10.0307 3260 NdisCap - ok
14:46:10.0326 3260 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:10.0359 3260 NdisTapi - ok
14:46:10.0391 3260 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:10.0427 3260 Ndisuio - ok
14:46:10.0447 3260 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:10.0477 3260 NdisWan - ok
14:46:10.0498 3260 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:46:10.0518 3260 NDProxy - ok
14:46:10.0542 3260 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:46:10.0578 3260 NetBIOS - ok
14:46:10.0604 3260 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:46:10.0641 3260 NetBT - ok
14:46:10.0652 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
14:46:10.0664 3260 Netlogon - ok
14:46:10.0693 3260 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
14:46:10.0731 3260 Netman - ok
14:46:10.0763 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0778 3260 NetMsmqActivator - ok
14:46:10.0804 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0817 3260 NetPipeActivator - ok
14:46:10.0836 3260 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
14:46:10.0872 3260 netprofm - ok
14:46:10.0882 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0896 3260 NetTcpActivator - ok
14:46:10.0901 3260 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:10.0917 3260 NetTcpPortSharing - ok
14:46:10.0934 3260 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:46:10.0944 3260 nfrd960 - ok
14:46:10.0992 3260 [ FCBC2F48430EB0D7150A6521C0B84ACA ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:46:11.0005 3260 NisDrv - ok
14:46:11.0030 3260 [ E4AA07F8BCBCB66EF115C443CD45C7A2 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:46:11.0048 3260 NisSrv - ok
14:46:11.0073 3260 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:46:11.0102 3260 NlaSvc - ok
14:46:11.0117 3260 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:46:11.0139 3260 Npfs - ok
14:46:11.0151 3260 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:46:11.0188 3260 nsi - ok
14:46:11.0206 3260 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:46:11.0242 3260 nsiproxy - ok
14:46:11.0287 3260 [ C8DFF8D07755A66C7A4A738930F0FEAC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:46:11.0314 3260 Ntfs - ok
14:46:11.0323 3260 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:46:11.0356 3260 Null - ok
14:46:11.0390 3260 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
14:46:11.0405 3260 NVENETFD - ok
14:46:11.0605 3260 [ FB20C4EE6242B71AB95A65AC2CE19161 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:46:11.0851 3260 nvlddmkm - ok
14:46:11.0879 3260 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
14:46:11.0893 3260 NVNET - ok
14:46:11.0926 3260 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:46:11.0938 3260 nvraid - ok
14:46:11.0966 3260 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
14:46:12.0001 3260 nvsmu - ok
14:46:12.0024 3260 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:46:12.0036 3260 nvstor - ok
14:46:12.0073 3260 [ E6A8ED576AB1DAF196E204BCF52DDA18 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:46:12.0104 3260 nvsvc - ok
14:46:12.0163 3260 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:46:12.0207 3260 nvUpdatusService - ok
14:46:12.0230 3260 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:46:12.0242 3260 nv_agp - ok
14:46:12.0312 3260 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:46:12.0340 3260 odserv - ok
14:46:12.0374 3260 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:46:12.0385 3260 ohci1394 - ok
14:46:12.0428 3260 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:46:12.0439 3260 ose - ok
14:46:12.0468 3260 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:46:12.0493 3260 p2pimsvc - ok
14:46:12.0520 3260 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:46:12.0547 3260 p2psvc - ok
14:46:12.0584 3260 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:46:12.0602 3260 Parport - ok
14:46:12.0630 3260 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:46:12.0643 3260 partmgr - ok
14:46:12.0657 3260 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:46:12.0678 3260 Parvdm - ok
14:46:12.0695 3260 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:46:12.0727 3260 PcaSvc - ok
14:46:12.0765 3260 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
14:46:12.0783 3260 pccsmcfd - ok
14:46:12.0799 3260 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
14:46:12.0813 3260 pci - ok
14:46:12.0845 3260 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
14:46:12.0855 3260 pciide - ok
14:46:12.0870 3260 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:46:12.0883 3260 pcmcia - ok
14:46:12.0899 3260 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:46:12.0911 3260 pcw - ok
14:46:12.0930 3260 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:46:12.0984 3260 PEAUTH - ok
14:46:13.0051 3260 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
14:46:13.0116 3260 pla - ok
14:46:13.0160 3260 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:46:13.0196 3260 PlugPlay - ok
14:46:13.0221 3260 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
14:46:13.0231 3260 PnkBstrA - ok
14:46:13.0259 3260 [ 5C2F5D26E2E8A13BF91DC4487162BCEB ] PnkBstrB C:\Windows\system32\PnkBstrB.exe
14:46:13.0271 3260 PnkBstrB - ok
14:46:13.0287 3260 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:46:13.0308 3260 PNRPAutoReg - ok
14:46:13.0326 3260 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:46:13.0339 3260 PNRPsvc - ok
14:46:13.0360 3260 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:46:13.0399 3260 PolicyAgent - ok
14:46:13.0433 3260 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
14:46:13.0457 3260 Power - ok
14:46:13.0477 3260 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:46:13.0510 3260 PptpMiniport - ok
14:46:13.0532 3260 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:46:13.0556 3260 Processor - ok
14:46:13.0575 3260 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\Windows\System32\drivers\prodrv06.sys
14:46:13.0597 3260 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0597 3260 prodrv06 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0626 3260 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
14:46:13.0651 3260 ProfSvc - ok
14:46:13.0667 3260 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\Windows\system32\drivers\prohlp02.sys
14:46:13.0685 3260 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0685 3260 prohlp02 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0710 3260 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\Windows\system32\drivers\prosync1.sys
14:46:13.0715 3260 prosync1 ( UnsignedFile.Multi.Generic ) - warning
14:46:13.0715 3260 prosync1 - detected UnsignedFile.Multi.Generic (1)
14:46:13.0724 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:46:13.0735 3260 ProtectedStorage - ok
14:46:13.0750 3260 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:46:13.0789 3260 Psched - ok
14:46:13.0831 3260 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:46:13.0885 3260 ql2300 - ok
14:46:13.0903 3260 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:46:13.0915 3260 ql40xx - ok
14:46:13.0933 3260 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:46:13.0965 3260 QWAVE - ok
14:46:13.0983 3260 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:46:14.0007 3260 QWAVEdrv - ok
14:46:14.0025 3260 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:46:14.0047 3260 RasAcd - ok
14:46:14.0065 3260 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:46:14.0087 3260 RasAgileVpn - ok
14:46:14.0098 3260 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:46:14.0124 3260 RasAuto - ok
14:46:14.0133 3260 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:46:14.0159 3260 Rasl2tp - ok
14:46:14.0196 3260 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
14:46:14.0237 3260 RasMan - ok
14:46:14.0258 3260 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:46:14.0290 3260 RasPppoe - ok
14:46:14.0308 3260 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:46:14.0344 3260 RasSstp - ok
14:46:14.0372 3260 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:46:14.0396 3260 rdbss - ok
14:46:14.0410 3260 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:46:14.0421 3260 rdpbus - ok
14:46:14.0447 3260 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:46:14.0480 3260 RDPCDD - ok
14:46:14.0505 3260 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:46:14.0538 3260 RDPENCDD - ok
14:46:14.0560 3260 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:46:14.0594 3260 RDPREFMP - ok
14:46:14.0628 3260 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:46:14.0645 3260 RdpVideoMiniport - ok
14:46:14.0672 3260 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:46:14.0697 3260 RDPWD - ok
14:46:14.0722 3260 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:46:14.0738 3260 rdyboost - ok
14:46:14.0762 3260 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:46:14.0784 3260 RemoteAccess - ok
14:46:14.0798 3260 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:46:14.0823 3260 RemoteRegistry - ok
14:46:14.0845 3260 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:46:14.0871 3260 RFCOMM - ok
14:46:14.0891 3260 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
14:46:14.0921 3260 ROOTMODEM - ok
14:46:14.0941 3260 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:46:14.0965 3260 RpcEptMapper - ok
14:46:14.0986 3260 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:46:14.0997 3260 RpcLocator - ok
14:46:15.0035 3260 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
14:46:15.0062 3260 RpcSs - ok
14:46:15.0068 3260 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:46:15.0107 3260 rspndr - ok
14:46:15.0146 3260 [ 19A0B57164830DF3C699E3CC93F68E37 ] rt2870 C:\Windows\system32\DRIVERS\rt2870.sys
14:46:15.0199 3260 rt2870 - ok
14:46:15.0224 3260 RzKLService - ok
14:46:15.0244 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
14:46:15.0254 3260 SamSs - ok
14:46:15.0287 3260 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:46:15.0299 3260 sbp2port - ok
14:46:15.0320 3260 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:46:15.0353 3260 SCardSvr - ok
14:46:15.0368 3260 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:46:15.0389 3260 scfilter - ok
14:46:15.0429 3260 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
14:46:15.0471 3260 Schedule - ok
14:46:15.0500 3260 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:46:15.0521 3260 SCPolicySvc - ok
14:46:15.0553 3260 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:46:15.0591 3260 SDRSVC - ok
14:46:15.0661 3260 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:46:15.0675 3260 SeaPort - ok
14:46:15.0705 3260 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:46:15.0736 3260 secdrv - ok
14:46:15.0751 3260 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:46:15.0784 3260 seclogon - ok
14:46:15.0801 3260 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
14:46:15.0831 3260 SENS - ok
14:46:15.0841 3260 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:46:15.0856 3260 SensrSvc - ok
14:46:15.0872 3260 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:46:15.0908 3260 Serenum - ok
14:46:15.0930 3260 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:46:15.0943 3260 Serial - ok
14:46:15.0968 3260 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:46:15.0991 3260 sermouse - ok
14:46:16.0063 3260 [ 3EC8DE67B1C78C31E54C0F030E6BD7D5 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
14:46:16.0096 3260 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0097 3260 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
14:46:16.0141 3260 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
14:46:16.0178 3260 SessionEnv - ok
14:46:16.0205 3260 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys
14:46:16.0223 3260 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0223 3260 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0250 3260 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:46:16.0266 3260 sffdisk - ok
14:46:16.0280 3260 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:46:16.0354 3260 sffp_mmc - ok
14:46:16.0367 3260 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:46:16.0387 3260 sffp_sd - ok
14:46:16.0404 3260 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\Windows\system32\drivers\sfhlp01.sys
14:46:16.0421 3260 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0421 3260 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0439 3260 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys
14:46:16.0443 3260 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0443 3260 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0471 3260 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:46:16.0489 3260 sfloppy - ok
14:46:16.0508 3260 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys
14:46:16.0515 3260 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
14:46:16.0515 3260 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
14:46:16.0538 3260 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:46:16.0578 3260 SharedAccess - ok
14:46:16.0634 3260 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:46:16.0667 3260 ShellHWDetection - ok
14:46:16.0721 3260 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:46:16.0731 3260 sisagp - ok
14:46:16.0748 3260 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:46:16.0759 3260 SiSRaid2 - ok
14:46:16.0769 3260 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:46:16.0780 3260 SiSRaid4 - ok
14:46:16.0800 3260 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:46:16.0833 3260 Smb - ok
14:46:16.0868 3260 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:46:16.0890 3260 SNMPTRAP - ok
14:46:16.0910 3260 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:46:16.0920 3260 spldr - ok
14:46:16.0945 3260 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
14:46:16.0970 3260 Spooler - ok
14:46:17.0045 3260 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
14:46:17.0139 3260 sppsvc - ok
14:46:17.0161 3260 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:46:17.0201 3260 sppuinotify - ok
14:46:17.0248 3260 [ CBEAEA2729985BFB260641AB424E0166 ] sptd C:\Windows\System32\Drivers\sptd.sys
14:46:17.0265 3260 sptd - ok
14:46:17.0298 3260 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:46:17.0340 3260 srv - ok
14:46:17.0353 3260 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:46:17.0367 3260 srv2 - ok
14:46:17.0379 3260 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:46:17.0403 3260 srvnet - ok
14:46:17.0427 3260 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:46:17.0465 3260 SSDPSRV - ok
14:46:17.0481 3260 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:46:17.0513 3260 SstpSvc - ok
14:46:17.0539 3260 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
14:46:17.0550 3260 ss_bbus - ok
14:46:17.0562 3260 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
14:46:17.0572 3260 ss_bmdfl - ok
14:46:17.0586 3260 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
14:46:17.0597 3260 ss_bmdm - ok
14:46:17.0608 3260 [ 994D2E5378CC337EC7DD73C1E04FCAA4 ] ss_bserd C:\Windows\system32\DRIVERS\ss_bserd.sys
14:46:17.0620 3260 ss_bserd - ok
14:46:17.0634 3260 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:46:17.0645 3260 stexstor - ok
14:46:17.0680 3260 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
14:46:17.0699 3260 StiSvc - ok
14:46:17.0731 3260 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
14:46:17.0744 3260 swenum - ok
14:46:17.0758 3260 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:46:17.0803 3260 swprv - ok
14:46:17.0839 3260 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
14:46:17.0896 3260 SysMain - ok
14:46:17.0923 3260 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:46:17.0938 3260 TabletInputService - ok
14:46:17.0961 3260 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
14:46:17.0995 3260 TapiSrv - ok
14:46:18.0006 3260 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:46:18.0046 3260 TBS - ok
14:46:18.0085 3260 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:46:18.0112 3260 Tcpip - ok
14:46:18.0151 3260 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:46:18.0179 3260 TCPIP6 - ok
14:46:18.0214 3260 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:46:18.0224 3260 tcpipreg - ok
14:46:18.0260 3260 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:46:18.0283 3260 TDPIPE - ok
14:46:18.0303 3260 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:46:18.0316 3260 TDTCP - ok
14:46:18.0345 3260 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:46:18.0366 3260 tdx - ok
14:46:18.0380 3260 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:46:18.0391 3260 TermDD - ok
14:46:18.0429 3260 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
14:46:18.0456 3260 TermService - ok
14:46:18.0468 3260 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:46:18.0483 3260 Themes - ok
14:46:18.0498 3260 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:46:18.0522 3260 THREADORDER - ok
14:46:18.0541 3260 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:46:18.0565 3260 TrkWks - ok
14:46:18.0603 3260 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:46:18.0625 3260 TrustedInstaller - ok
14:46:18.0658 3260 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:46:18.0668 3260 tssecsrv - ok
14:46:18.0695 3260 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:46:18.0726 3260 TsUsbFlt - ok
14:46:18.0758 3260 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:46:18.0792 3260 tunnel - ok
14:46:18.0807 3260 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:46:18.0817 3260 uagp35 - ok
14:46:18.0850 3260 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:46:18.0874 3260 udfs - ok
14:46:18.0894 3260 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:46:18.0908 3260 UI0Detect - ok
14:46:18.0968 3260 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
14:46:18.0981 3260 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
14:46:18.0982 3260 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
14:46:18.0998 3260 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:46:19.0009 3260 uliagpkx - ok
14:46:19.0035 3260 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
14:46:19.0046 3260 umbus - ok
14:46:19.0056 3260 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:46:19.0078 3260 UmPass - ok
14:46:19.0095 3260 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:46:19.0121 3260 upnphost - ok
14:46:19.0145 3260 [ 0803FBA9FE829D61AE26EC0BCC910C46 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:46:19.0174 3260 usbccgp - ok
14:46:19.0198 3260 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:46:19.0217 3260 usbcir - ok
14:46:19.0237 3260 [ D40855F89B69305140BBD7E9A3BA2DA6 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:46:19.0259 3260 usbehci - ok
14:46:19.0300 3260 [ EDF2DF71C4F1E13A6AC75F5224DE655A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:46:19.0328 3260 usbhub - ok
14:46:19.0333 3260 [ 9828C8D14CC2676421778F0DE638CF97 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:46:19.0352 3260 usbohci - ok
14:46:19.0365 3260 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:46:19.0389 3260 usbprint - ok
14:46:19.0416 3260 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:46:19.0440 3260 USBSTOR - ok
14:46:19.0457 3260 [ 800AABFD625EEFF899F7E5496BDE37AB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:46:19.0468 3260 usbuhci - ok
14:46:19.0486 3260 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:46:19.0525 3260 UxSms - ok
14:46:19.0544 3260 [ 803B370865D907EA21DC0C2B6A8936B5 ] VaultSvc C:\Windows\system32\lsass.exe
14:46:19.0554 3260 VaultSvc - ok
14:46:19.0562 3260 VComm - ok
14:46:19.0573 3260 VcommMgr - ok
14:46:19.0596 3260 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:46:19.0607 3260 vdrvroot - ok
14:46:19.0640 3260 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
14:46:19.0689 3260 vds - ok
14:46:19.0702 3260 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:19.0715 3260 vga - ok
14:46:19.0729 3260 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:46:19.0765 3260 VgaSave - ok
14:46:19.0786 3260 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:46:19.0799 3260 vhdmp - ok
14:46:19.0826 3260 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:46:19.0844 3260 viaagp - ok
14:46:19.0861 3260 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:46:19.0880 3260 ViaC7 - ok
14:46:19.0916 3260 [ 4906E025DD6B322C4BBD6B9E35C9993A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:46:19.0960 3260 VIAHdAudAddService - ok
14:46:19.0985 3260 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
14:46:19.0999 3260 viaide - ok
14:46:20.0017 3260 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:46:20.0029 3260 volmgr - ok
14:46:20.0045 3260 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:46:20.0060 3260 volmgrx - ok
14:46:20.0094 3260 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:46:20.0108 3260 volsnap - ok
14:46:20.0135 3260 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:46:20.0153 3260 vsmraid - ok
14:46:20.0196 3260 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
14:46:20.0258 3260 VSS - ok
14:46:20.0297 3260 vToolbarUpdater13.2.0 - ok
14:46:20.0322 3260 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:46:20.0344 3260 vwifibus - ok
14:46:20.0363 3260 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:46:20.0381 3260 vwififlt - ok
14:46:20.0409 3260 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:46:20.0435 3260 W32Time - ok
14:46:20.0459 3260 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:46:20.0483 3260 WacomPen - ok
14:46:20.0513 3260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:46:20.0546 3260 WANARP - ok
14:46:20.0550 3260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:46:20.0572 3260 Wanarpv6 - ok
14:46:20.0636 3260 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:46:20.0684 3260 WatAdminSvc - ok
14:46:20.0713 3260 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
14:46:20.0760 3260 wbengine - ok
14:46:20.0776 3260 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:46:20.0808 3260 WbioSrvc - ok
14:46:20.0835 3260 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:46:20.0867 3260 wcncsvc - ok
14:46:20.0881 3260 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:46:20.0911 3260 WcsPlugInService - ok
14:46:20.0924 3260 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:46:20.0936 3260 Wd - ok
14:46:20.0973 3260 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:46:21.0005 3260 Wdf01000 - ok
14:46:21.0020 3260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:46:21.0086 3260 WdiServiceHost - ok
14:46:21.0091 3260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:46:21.0107 3260 WdiSystemHost - ok
14:46:21.0138 3260 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\Windows\System32\webclnt.dll
14:46:21.0153 3260 WebClient - ok
14:46:21.0164 3260 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:46:21.0207 3260 Wecsvc - ok
14:46:21.0228 3260 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:46:21.0266 3260 wercplsupport - ok
14:46:21.0293 3260 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:46:21.0325 3260 WerSvc - ok
14:46:21.0348 3260 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:46:21.0373 3260 WfpLwf - ok
14:46:21.0388 3260 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:46:21.0398 3260 WIMMount - ok
14:46:21.0441 3260 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:46:21.0486 3260 WinDefend - ok
14:46:21.0507 3260 WinHttpAutoProxySvc - ok
14:46:21.0546 3260 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:46:21.0586 3260 Winmgmt - ok
14:46:21.0626 3260 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
14:46:21.0695 3260 WinRM - ok
14:46:21.0728 3260 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:46:21.0742 3260 WinUsb - ok
14:46:21.0774 3260 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:46:21.0809 3260 Wlansvc - ok
14:46:21.0874 3260 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:46:21.0937 3260 wlidsvc - ok
14:46:21.0956 3260 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:46:21.0967 3260 WmiAcpi - ok
14:46:21.0995 3260 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:46:22.0021 3260 wmiApSrv - ok
14:46:22.0060 3260 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:46:22.0129 3260 WMPNetworkSvc - ok
14:46:22.0143 3260 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:46:22.0159 3260 WPCSvc - ok
14:46:22.0184 3260 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:46:22.0197 3260 WPDBusEnum - ok
14:46:22.0223 3260 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:46:22.0270 3260 ws2ifsl - ok
14:46:22.0296 3260 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
14:46:22.0327 3260 wscsvc - ok
14:46:22.0331 3260 WSearch - ok
14:46:22.0395 3260 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:46:22.0459 3260 wuauserv - ok
14:46:22.0478 3260 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:46:22.0500 3260 WudfPf - ok
14:46:22.0525 3260 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:46:22.0564 3260 WUDFRd - ok
14:46:22.0595 3260 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:46:22.0624 3260 wudfsvc - ok
14:46:22.0656 3260 [ 7CC38741B8F68F1E0D5D79DA6123666A ] WwanSvc C:\Windows\System32\wwansvc.dll
14:46:22.0700 3260 WwanSvc - ok
14:46:22.0724 3260 [ B8B466103280E45E391E876F05122607 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:46:22.0740 3260 ZTEusbmdm6k - ok
14:46:22.0758 3260 [ 911BA85906BC7602C73441502ABFB565 ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
14:46:22.0790 3260 ZTEusbnet - ok
14:46:22.0806 3260 [ 69774B89725DDC4781E0EEB9809F3B20 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:46:22.0852 3260 ZTEusbnmea - ok
14:46:22.0870 3260 [ B8B466103280E45E391E876F05122607 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:46:22.0881 3260 ZTEusbser6k - ok
14:46:22.0948 3260 ================ Scan global ===============================
14:46:22.0982 3260 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:46:23.0009 3260 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
14:46:23.0026 3260 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
14:46:23.0044 3260 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:46:23.0059 3260 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:46:23.0062 3260 [Global] - ok
14:46:23.0062 3260 ================ Scan MBR ==================================
14:46:23.0074 3260 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:46:23.0284 3260 \Device\Harddisk0\DR0 - ok
14:46:23.0285 3260 ================ Scan VBR ==================================
14:46:23.0290 3260 [ 639291F392D7170874044FF51B4B4000 ] \Device\Harddisk0\DR0\Partition1
14:46:23.0292 3260 \Device\Harddisk0\DR0\Partition1 - ok
14:46:23.0317 3260 [ 61D4F4EC581A0C8980D1E2AF7662CAB4 ] \Device\Harddisk0\DR0\Partition2
14:46:23.0326 3260 \Device\Harddisk0\DR0\Partition2 - ok
14:46:23.0327 3260 ============================================================
14:46:23.0327 3260 Scan finished
14:46:23.0327 3260 ============================================================
14:46:23.0342 3224 Detected object count: 14
14:46:23.0342 3224 Actual detected object count: 14
14:46:37.0929 3224 ENTECH ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0929 3224 ENTECH ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0932 3224 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0932 3224 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0935 3224 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0935 3224 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0938 3224 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0938 3224 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0943 3224 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - skipped by user
14:46:37.0943 3224 MpKsldb75f26c ( ForgedFile.Multi.Generic ) - User select action: Skip
14:46:37.0945 3224 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0945 3224 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0948 3224 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0948 3224 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0951 3224 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0951 3224 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0953 3224 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0954 3224 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0957 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0957 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0960 3224 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0960 3224 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0962 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0963 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0965 3224 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0965 3224 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:37.0968 3224 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:37.0968 3224 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:50.0711 3160 Deinitialize success

U Malwarebytes Anti-Rootkit to žádnou infekci nenašlo.

Restartujte pc.

Pak najdete tento soubor c:\windows\system32\userinit.exe a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.


Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Zde jsou odkazy :

jotti
http://virusscan.jotti.org/cs/scanresul ... 3960cf906c

Virustotal
https://www.virustotal.com/cs/file/538f ... /analysis/

A zde je log z RogueKiller :

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Kontrola -- Datum : 04/21/2014 15:23:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\14022libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2460206527-1493759754-90791392-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2460206527-1493759754-90791392-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{C41D5A94-13E6-4703-B67A-62416F999917} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{C41D5A94-13E6-4703-B67A-62416F999917} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{C41D5A94-13E6-4703-B67A-62416F999917} : NameServer (217.77.165.81 217.77.161.131 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[V2][SUSP PATH] {11AF9F5F-C43F-44F5-8EFD-91F92D3A4ED6} : C:\Users\Jakub\Desktop\Battlefield 2 Demo.exe [x] -> NALEZENO
[V2][SUSP PATH] {BC1D3E82-AB79-44F4-838C-00C58F65A862} : C:\Users\Jakub\Desktop\Battlefield 2 Demo.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\system32\drivers\WDFLDR.SYS -> HOOKED (Unknown @ 0x85A8D1F8)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxY[+p—‚ø";ÿÿÿÿ|—‚tD0fY[+3) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400AAKS-22A7B2 ATA Device +++++
--- User ---
[MBR] 283a440fece8a6d10746b06b5efd0c11
[BSP] be92604706e2c7bc6e6fc7b708001c1d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 539 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1105920 | Size: 609939 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04212014_152330.txt >>


Můžu už RogueKiller vypnout ?

No, to jsou ale testy jineho souboru. Ne toho z vaseho pc. Kouknete na datum a cas testu. Na obou strankach musite kliknout na napis Otestovat znovu, aby testoval opravdu primo ten vas soubor.


Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

Aha to sem nevěděl že to nejsou moje soubory, sem na tý stránce poprvé.

Jotti:
http://virusscan.jotti.org/cs/scanresul ... 3960cf906c

Virustotal:
https://www.virustotal.com/cs/file/538f ... 398087487/

Nevím ale proč to u tohodle napsalo místo 15:38 - 13:38..

A zde sou logy :

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/21/2014 15:39:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\14022libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_04212014_153934.txt >>
RKreport[0]_D_04212014_153422.txt;RKreport[0]_D_04212014_153921.txt;RKreport[0]_S_04212014_152330.txt
RKreport[0]_S_04212014_153735.txt




RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Odebrat -- Datum : 04/21/2014 15:39:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\14022libfoxloader.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742D3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742C0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742CCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742BB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742E068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox.T,ˆšÑø";ÿÿÿÿ”šÑtD0ŽT,3) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E4DD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400AAKS-22A7B2 ATA Device +++++
--- User ---
[MBR] 283a440fece8a6d10746b06b5efd0c11
[BSP] be92604706e2c7bc6e6fc7b708001c1d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 539 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1105920 | Size: 609939 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04212014_153921.txt >>
RKreport[0]_D_04212014_153422.txt;RKreport[0]_S_04212014_152330.txt;RKreport[0]_S_04212014_153735.txt

Vypada to, ze soubor zatim drzi.


Dejte novy log z RSIT

Tady je :

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2014-04-21 15:47:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 468 GB (77%) free of 610 GB
Total RAM: 2943 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:21, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\Downloads\RSIT (3).exe
C:\Program Files\trend micro\Jakub.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872
O4 - HKCU\..\Run: [MKLOL] "C:\Program Files\MKJogo\MKLOL\MK.exe" -auto
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-2460206527-1493759754-90791392-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2460206527-1493759754-90791392-1003\..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2460206527-1493759754-90791392-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{C41D5A94-13E6-4703-B67A-62416F999917}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1cac9dd563a9e30) (gupdate1cac9dd563a9e30) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RzKLService - Unknown owner - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (file missing)

--
End of file - 8245 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 1486848]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs [2013-12-04 559]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MKLOL"=C:\Program Files\MKJogo\MKLOL\MK.exe [2014-04-18 1107144]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.yv12"=yv12vfw.dll
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.msaudio1"=msaud32.acm
"msacm.siren"=sirenacm.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-21 14:49:12 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-21 14:45:27 ----A---- C:\TDSSKiller.2.8.16.0_21.04.2014_14.45.27_log.txt
2014-04-21 14:33:22 ----A---- C:\ComboFix.txt
2014-04-21 14:32:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-21 14:05:32 ----A---- C:\CFScript.txt
2014-04-21 14:04:28 ----R---- C:\ComboFix.exe
2014-04-21 12:10:51 ----A---- C:\Windows\zip.exe
2014-04-21 12:10:51 ----A---- C:\Windows\SWSC.exe
2014-04-21 12:10:51 ----A---- C:\Windows\SWREG.exe
2014-04-21 12:10:51 ----A---- C:\Windows\sed.exe
2014-04-21 12:10:51 ----A---- C:\Windows\PEV.exe
2014-04-21 12:10:51 ----A---- C:\Windows\NIRCMD.exe
2014-04-21 12:10:51 ----A---- C:\Windows\MBR.exe
2014-04-21 12:10:51 ----A---- C:\Windows\grep.exe
2014-04-21 12:10:45 ----D---- C:\Qoobox
2014-04-21 12:10:32 ----D---- C:\Windows\erdnt
2014-04-21 00:46:48 ----D---- C:\AdwCleaner
2014-04-21 00:04:41 ----D---- C:\rsit
2014-04-21 00:04:41 ----D---- C:\Program Files\trend micro
2014-04-21 00:00:37 ----A---- C:\Windows\ntbtlog.txt
2014-04-20 23:01:21 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 23:01:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-20 23:00:59 ----D---- C:\ProgramData\Malwarebytes
2014-04-20 23:00:59 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-04-20 23:00:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-20 23:00:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-20 22:50:56 ----D---- C:\_OTM
2014-04-19 13:11:40 ----D---- C:\Program Files\Razer
2014-04-19 13:11:38 ----D---- C:\ProgramData\Razer
2014-04-14 18:06:47 ----A---- C:\Windows\system32\wininet.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\urlmon.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\msrating.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\mshtml.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieui.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\iertutil.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieframe.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-14 18:06:45 ----A---- C:\Windows\system32\vbscript.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 18:06:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\jscript9.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\iesetup.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\iernonce.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-13 19:48:19 ----D---- C:\Users\Jakub\AppData\Roaming\Hive Cluster
2014-04-13 14:07:45 ----D---- C:\Program Files\The Binding of Isaac
2014-04-11 12:02:46 ----D---- C:\Program Files\Microsoft Security Client
2014-04-09 22:52:15 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 22:52:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-09 22:48:46 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 20:13:29 ----D---- C:\Program Files\BestGameEver
2014-03-31 18:33:08 ----A---- C:\Windows\system32\msonpmon.dll
2014-03-31 18:30:05 ----D---- C:\Program Files\Microsoft Works
2014-03-31 18:29:20 ----D---- C:\Program Files\Microsoft Visual Studio
2014-03-31 18:29:20 ----D---- C:\Program Files\Common Files\DESIGNER
2014-03-31 18:22:44 ----D---- C:\Program Files\Microsoft Visual Studio 8
2014-03-31 18:20:58 ----D---- C:\ProgramData\Microsoft Help
2014-03-31 18:19:32 ----RD---- C:\MSOCache
2014-03-31 17:44:24 ----D---- C:\Program Files\DAEMON Tools Lite

======List of files/folders modified in the last 1 month======

2014-04-21 15:46:58 ----D---- C:\Windows\Temp
2014-04-21 15:46:58 ----D---- C:\Windows\System32
2014-04-21 15:37:31 ----D---- C:\Windows\system32\drivers
2014-04-21 15:34:22 ----D---- C:\Windows\system32\Tasks
2014-04-21 15:19:13 ----D---- C:\Users\Jakub\AppData\Roaming\Seznam.cz
2014-04-21 15:11:43 ----D---- C:\Windows\system32\config
2014-04-21 14:51:50 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2014-04-21 14:49:12 ----D---- C:\ProgramData
2014-04-21 14:29:19 ----N---- C:\Windows\system.ini
2014-04-21 14:29:19 ----D---- C:\Windows
2014-04-21 14:29:13 ----D---- C:\Windows\system32\drivers\etc
2014-04-21 14:24:39 ----D---- C:\Windows\AppPatch
2014-04-21 14:24:38 ----D---- C:\Program Files\Common Files
2014-04-21 12:10:45 ----D---- C:\Windows\Prefetch
2014-04-21 00:47:31 ----RD---- C:\Program Files
2014-04-21 00:47:29 ----D---- C:\ProgramData\ICQ
2014-04-20 23:56:16 ----D---- C:\Windows\Tasks
2014-04-20 23:16:29 ----D---- C:\Windows\Speech
2014-04-20 23:15:30 ----D---- C:\Windows\inf
2014-04-20 22:55:04 ----D---- C:\Windows\system32\catroot2
2014-04-20 22:40:58 ----SHD---- C:\Windows\Installer
2014-04-20 22:40:57 ----D---- C:\Config.Msi
2014-04-20 22:40:12 ----SHD---- C:\System Volume Information
2014-04-20 22:28:17 ----D---- C:\Windows\system32\NDF
2014-04-20 09:30:11 ----D---- C:\Users\Jakub\AppData\Roaming\uTorrent
2014-04-19 23:55:44 ----D---- C:\Users\Jakub\AppData\Roaming\vlc
2014-04-19 14:18:18 ----D---- C:\Windows\SoftwareDistribution
2014-04-19 14:11:43 ----D---- C:\Windows\debug
2014-04-16 20:54:45 ----D---- C:\Windows\rescache
2014-04-15 08:27:26 ----D---- C:\ProgramData\ProductData
2014-04-15 08:26:13 ----D---- C:\Windows\winsxs
2014-04-15 02:52:57 ----D---- C:\Windows\system32\cs-CZ
2014-04-15 02:52:57 ----D---- C:\Windows\PolicyDefinitions
2014-04-15 02:52:56 ----D---- C:\Windows\system32\en-US
2014-04-15 02:52:56 ----D---- C:\Program Files\Internet Explorer
2014-04-14 18:06:44 ----D---- C:\Windows\system32\catroot
2014-04-13 13:17:28 ----D---- C:\Windows\Microsoft.NET
2014-04-13 13:17:26 ----RSD---- C:\Windows\assembly
2014-04-12 09:15:13 ----D---- C:\Windows\system32\DriverStore
2014-04-11 12:29:24 ----D---- C:\Windows\Minidump
2014-04-11 12:29:15 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2014-04-11 12:02:48 ----SD---- C:\ProgramData\Microsoft
2014-04-11 12:01:21 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-11 11:59:24 ----D---- C:\Program Files\Autodesk
2014-04-11 11:51:19 ----D---- C:\ProgramData\Autodesk
2014-04-11 11:44:31 ----D---- C:\Users\Jakub\AppData\Roaming\Autodesk
2014-04-11 11:44:30 ----RSD---- C:\Windows\Fonts
2014-04-11 11:35:46 ----D---- C:\Program Files\Common Files\Adobe
2014-04-11 10:49:51 ----D---- C:\ProgramData\Adobe
2014-04-11 10:47:55 ----D---- C:\Users\Jakub\AppData\Roaming\Adobe
2014-04-11 10:47:12 ----D---- C:\Program Files\Adobe
2014-04-10 03:03:07 ----D---- C:\Windows\system32\MRT
2014-04-10 03:01:14 ----A---- C:\Windows\system32\MRT.exe
2014-04-08 22:53:53 ----D---- C:\temp
2014-04-04 15:31:10 ----D---- C:\Program Files\Microsoft Office
2014-04-01 06:11:59 ----N---- C:\Windows\win.ini
2014-04-01 06:11:57 ----D---- C:\Program Files\Common Files\System
2014-03-31 21:17:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-03-31 18:54:18 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft
2014-03-31 18:29:53 ----D---- C:\Program Files\MSBuild
2014-03-31 18:29:16 ----D---- C:\Windows\ShellNew
2014-03-31 18:28:26 ----D---- C:\Program Files\Microsoft.NET
2014-03-31 17:46:30 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-27 18:56:07 ----D---- C:\ProgramData\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-31 320120]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 MpKsla881c29a;MpKsla881c29a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D56435A5-3B38-4B9D-B5E9-1833BB762F87}\MpKsla881c29a.sys [2014-04-21 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-11-22 83872]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-11-22 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Jakub\AppData\Local\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 49664]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-05-21 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-05-21 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\rt2870.sys [2008-10-29 644096]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-11-23 49664]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-06-04 214864]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1cac9dd563a9e30;Služba Google Update (gupdate1cac9dd563a9e30); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 RzKLService;RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe []
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-11 1044816]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-04-14 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Jeste jeden sken a budem mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).