VIRY.CZ

ComboFix 13-01-08.01 - Ivana & Peter 10/01/2013 18:36:22.2.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.4094.2450 [GMT 1:00]
Running from: c:\users\Ivana & Peter\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-10 to 2013-01-10 )))))))))))))))))))))))))))))))
.
.
2013-01-10 17:45 . 2013-01-10 17:47 -------- d-----w- c:\users\Ivana & Peter\AppData\Local\temp
2013-01-10 17:45 . 2013-01-10 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 13:18 . 2013-01-10 13:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-10 13:18 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-08 13:13 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{483991BF-4908-4A8C-9C1C-A5057247BADA}\mpengine.dll
2013-01-03 13:47 . 2013-01-03 13:47 -------- d-----w- c:\program files (x86)\sweetpacks bundle uninstaller
2012-12-31 11:33 . 2013-01-02 13:27 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\DivX
2012-12-31 11:33 . 2012-12-31 11:33 -------- d-----w- c:\program files\DivX
2012-12-31 11:33 . 2012-12-31 11:33 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-12-31 11:32 . 2012-12-31 11:34 -------- d-----w- c:\program files (x86)\DivX
2012-12-31 11:31 . 2012-12-31 11:34 -------- d-----w- c:\programdata\DivX
2012-12-31 11:23 . 2012-12-31 11:23 -------- d-----w- C:\Download
2012-12-31 11:22 . 2012-12-31 11:22 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Samsung
2012-12-31 11:21 . 2012-12-31 11:21 -------- d-----w- C:\AllShare
2012-12-30 19:17 . 2012-12-30 19:17 -------- d-----w- C:\PCShareManagerUpload
2012-12-30 19:16 . 2012-12-31 11:20 -------- d-----w- c:\program files (x86)\Samsung
2012-12-24 10:32 . 2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE
2012-12-24 10:25 . 2012-12-24 10:31 -------- d-----w- c:\program files (x86)\Creative Professional
2012-12-24 10:24 . 2003-11-10 17:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-12-24 10:24 . 2003-11-10 17:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-12-24 10:24 . 2003-11-10 17:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-12-24 10:24 . 2003-11-10 17:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-12-24 10:24 . 2003-11-10 17:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-12-24 10:24 . 2012-12-24 10:24 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-12-24 10:24 . 2012-12-24 10:24 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\windows\SysWow64\Extensions
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-12-23 21:21 . 2012-12-23 21:29 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\vlc
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\programdata\BrowserProtect
2012-12-23 21:20 . 2012-12-23 21:20 -------- d-----w- c:\program files (x86)\VideoLAN
2012-12-23 21:20 . 2012-12-23 21:20 723230 ----a-w- c:\windows\unins000.exe
2012-12-23 19:57 . 2012-12-23 19:57 -------- d-----w- c:\windows\SysWow64\Data
2012-12-23 19:57 . 2012-12-23 19:57 -------- d-----w- c:\windows\system32\Data
2012-12-23 19:57 . 2007-11-26 14:10 11776 ----a-w- c:\windows\system32\INRES.DLL
2012-12-23 19:57 . 2007-11-26 14:07 11776 ----a-w- c:\windows\SysWow64\INRES.DLL
2012-12-23 14:38 . 2012-12-23 14:38 -------- d-----w- c:\program files (x86)\Common Files\Tmp
2012-12-23 14:30 . 2012-12-23 14:30 -------- d-----w- c:\programdata\Celemony Software GmbH
2012-12-23 14:30 . 2012-12-23 14:40 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Celemony Software GmbH
2012-12-23 14:26 . 2006-03-30 15:39 368640 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-12-23 14:26 . 2012-12-23 14:26 -------- d-----w- c:\program files (x86)\u-he
2012-12-23 14:26 . 2012-12-23 14:26 -------- d-----w- c:\program files (x86)\Celemony
2012-12-23 14:25 . 2012-12-23 14:25 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2012-12-23 14:25 . 2005-03-22 16:50 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2012-12-23 14:25 . 2004-07-15 23:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2012-12-23 14:25 . 2004-07-15 23:19 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2012-12-23 14:25 . 2004-07-15 23:18 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2012-12-23 14:25 . 2004-07-15 23:18 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2012-12-23 14:25 . 2012-12-23 14:25 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files\Common Files\VST3
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files\Steinberg
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files (x86)\iZotope
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2012-12-12 16:39 . 2012-12-12 16:39 -------- d-----w- C:\99ac2d28a8cd374705e7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 12:36 . 2006-11-02 12:35 67599240 ----a-w- c:\windows\system32\mrt.exe
2013-01-09 20:28 . 2012-05-05 16:43 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 20:28 . 2012-05-05 16:43 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1555968]
"E-MU USB Audio Control Panel"="c:\program files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe" [2007-11-26 274432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-24 336992]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
.
c:\users\Ivana & Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odmenovac.appref-ms [2012-10-29 282]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 20:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-17 15844896]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-17 82464]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
------- Supplementary Scan -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
IE: E&xportovat do programu Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Ivana & Peter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&oslat do programu OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
@DACL=(02 0011)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@DACL=(02 0011)
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@DACL=(02 0011)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
c:\hp\HPEZBTN\HPBtnSrv.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\hp\kbd\kbd.exe
c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
.
**************************************************************************
.
Completion time: 2013-01-10 18:51:23 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-10 17:51
ComboFix2.txt 2013-01-10 12:35
.
Pre-Run: 779,118,972,928 bytes free
Post-Run: 779,143,573,504 bytes free
.
- - End Of File - - 98688F740205DB4DE51D5B4F10A3D918

můžeš sem zkopírovat i obsah ComboFix2.txt 2013-01-10 12:35
Ten druhý scan už je skoro zbytečný

jak se chová PC? - ještě problémy?

proč tam nevidím stopy po Aniviru?

aky obsah ComboFix2.txt 2013-01-10 12:35, kde to najdem? stopy po antiviru? nemame antivir, pc sa zda byt zatial ok

nanka295 píše:... nemame antivir, pc sa zda byt zatial ok

zatím to OK nevypadá

ComboFix2.txt zkus zadat do vyhledávání - Win+F

nevyzera byt ok? ako to? co sa deje? ten combofix mi nenaslo, asi som to uz vymazala

nový script do OTM dej mi výsledný log + AdwCleaner -> Search

========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"" /E : value set successfully!
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_CURRENT_USER\Software\a53de8ce13be410\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\[bprotector start page] not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{AE07101B-46D4-4A98-AF68-0333EA26E113} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ not found.
========== FILES ==========
C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
C:\ProgramData\BrowserProtect\2.5.1005.80 folder moved successfully.
C:\ProgramData\BrowserProtect folder moved successfully.
File/Folder c:\windows\Tasks\AmiUpdXp.job not found.
File/Folder c:\users\Ivana & Peter\AppData\Local\SwvUpdater\Updater.exe not found.
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.21.0 log created on 01112013_094029






# AdwCleaner v2.105 - Logfile created 01/11/2013 at 09:45:56
# Updated 08/01/2013 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 1 (64 bits)
# User : Ivana & Peter - IAP-PC
# Boot Mode : Normal
# Running from : C:\Users\Ivana & Peter\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : BrowserProtect

***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ivana & Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Ivana & Peter\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [16628 octets] - [10/01/2013 15:22:13]
AdwCleaner[R2].txt - [2167 octets] - [10/01/2013 17:42:28]
AdwCleaner[R3].txt - [1246 octets] - [11/01/2013 09:45:56]

########## EOF - C:\AdwCleaner[R3].txt - [1306 octets] ##########

Vypadá to čisté - dej mi ještě RSIT a asi budeme uklízet

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivana & Peter at 2013-01-11 09:57:20
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 743 GB (79%) free of 939 GB
Total RAM: 4094 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:57:24, on 11/01/2013
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\hp\kbd\kbd.exe
C:\Program Files\trend micro\Ivana & Peter.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [AllShareAgent] "C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - Startup: Odmenovac.appref-ms
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Ivana & Peter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Odoslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: This service enables products that use the Nalpeiron Licensing System. (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11076 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\emaudsv.exe
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
c:\hp\HPEZBTN\HPBtnSrv.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-04feec14-7aac-4891-a36e-ae99c80dafc8 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-31f87c1c-4f9c-4ce5-9055-0f0c31fe7663 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cec0e215-ba65-4476-a613-9df289079aa3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:522bc8c8-0242-433b-b746-f823fa2ad002
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\WINDOWS\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
"C:\hp\support\hpsysdrv.exe"
"C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
taskeng.exe {5C2579B2-C436-4734-9771-CF7EBDE34AC1}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\Opera.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\hp\kbd\kbd.exe"
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {84576CB1-0A57-432E-BC8E-A15CEFA80929}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 636 640 648 65536 644
"C:\Users\Ivana & Peter\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll [2008-02-06 349552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-09-19 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-05-10 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-05-10 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\Windows\system32\mscoree.dll [2009-11-08 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll [2008-02-06 349552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-17 15844896]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-17 82464]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-06-11 178712]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"E-MU USB Audio Control Panel"=C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [2007-11-26 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2008-02-06 51048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2008-07-03 972080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\isCfgWiz]
c:\Program Files (x86)\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe [2008-02-23 611712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2007-02-15 119296]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"AllShareAgent"=C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]

C:\Users\Ivana & Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odmenovac.appref-ms

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-01-11 09:45:56 ----A---- C:\AdwCleaner[R3].txt
2013-01-10 18:51:26 ----D---- C:\Windows\temp
2013-01-10 18:51:24 ----A---- C:\ComboFix.txt
2013-01-10 18:47:27 ----SHD---- C:\$RECYCLE.BIN
2013-01-10 17:42:28 ----A---- C:\AdwCleaner[R2].txt
2013-01-10 15:22:13 ----A---- C:\AdwCleaner[R1].txt
2013-01-10 14:18:08 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-10 14:18:08 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-01-10 13:16:33 ----A---- C:\Windows\zip.exe
2013-01-10 13:16:33 ----A---- C:\Windows\SWSC.exe
2013-01-10 13:16:33 ----A---- C:\Windows\SWREG.exe
2013-01-10 13:16:33 ----A---- C:\Windows\sed.exe
2013-01-10 13:16:33 ----A---- C:\Windows\PEV.exe
2013-01-10 13:16:33 ----A---- C:\Windows\NIRCMD.exe
2013-01-10 13:16:33 ----A---- C:\Windows\MBR.exe
2013-01-10 13:16:33 ----A---- C:\Windows\grep.exe
2013-01-10 11:39:38 ----A---- C:\Windows\ntbtlog.txt
2013-01-09 07:42:47 ----A---- C:\ProgramData\tlotoo2.dat
2013-01-03 14:47:53 ----D---- C:\Program Files (x86)\sweetpacks bundle uninstaller
2012-12-31 12:33:50 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\DivX
2012-12-31 12:33:33 ----D---- C:\Program Files\DivX
2012-12-31 12:32:00 ----D---- C:\Program Files (x86)\DivX
2012-12-31 12:31:33 ----D---- C:\ProgramData\DivX
2012-12-31 12:23:14 ----D---- C:\Download
2012-12-31 12:22:55 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\Samsung
2012-12-31 12:21:17 ----D---- C:\AllShare
2012-12-30 20:17:38 ----D---- C:\PCShareManagerUpload
2012-12-30 20:16:01 ----D---- C:\Program Files (x86)\Samsung
2012-12-24 11:32:15 ----N---- C:\Windows\Updreg.EXE
2012-12-24 11:25:48 ----D---- C:\Program Files (x86)\Creative Professional
2012-12-23 22:21:21 ----D---- C:\Windows\SYSWOW64\Extensions
2012-12-23 22:21:20 ----D---- C:\Windows\SYSWOW64\searchplugins
2012-12-23 22:21:19 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\vlc
2012-12-23 22:20:44 ----D---- C:\Program Files (x86)\VideoLAN
2012-12-23 22:20:40 ----A---- C:\Windows\unins000.exe
2012-12-23 22:20:40 ----A---- C:\Windows\unins000.dat
2012-12-23 20:57:59 ----D---- C:\Windows\SYSWOW64\Data
2012-12-23 20:57:59 ----D---- C:\Windows\system32\Data
2012-12-23 20:57:58 ----A---- C:\Windows\SYSWOW64\INRES.DLL
2012-12-23 20:57:58 ----A---- C:\Windows\system32\INRES.DLL
2012-12-23 15:30:52 ----D---- C:\ProgramData\Celemony Software GmbH
2012-12-23 15:30:51 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\Celemony Software GmbH
2012-12-23 15:26:34 ----A---- C:\Windows\SYSWOW64\ReWire.dll
2012-12-23 15:26:20 ----D---- C:\Program Files (x86)\u-he
2012-12-23 15:26:17 ----D---- C:\Program Files (x86)\Celemony
2012-12-23 15:20:47 ----D---- C:\Program Files\Common Files\VST3
2012-12-23 15:20:46 ----D---- C:\Program Files\Steinberg
2012-12-23 15:20:46 ----D---- C:\Program Files (x86)\iZotope
2012-12-17 14:30:40 ----D---- C:\Qoobox
2012-12-17 14:30:15 ----D---- C:\Windows\erdnt
2012-12-14 07:58:55 ----A---- C:\Windows\system32\MRT.INI
2012-12-12 17:39:11 ----D---- C:\99ac2d28a8cd374705e7

======List of files/folders modified in the last 1 month======

2013-01-11 09:57:24 ----D---- C:\Windows\Prefetch
2013-01-11 09:57:23 ----D---- C:\Program Files\trend micro
2013-01-11 09:46:49 ----D---- C:\Windows\System32
2013-01-11 09:46:49 ----D---- C:\Windows\inf
2013-01-11 09:46:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-11 09:40:30 ----D---- C:\ProgramData
2013-01-10 18:51:26 ----D---- C:\Windows\system32\drivers
2013-01-10 18:51:26 ----AD---- C:\WINDOWS
2013-01-10 18:47:26 ----A---- C:\Windows\system.ini
2013-01-10 18:47:20 ----D---- C:\Windows\system32\drivers\etc
2013-01-10 18:41:25 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-10 18:41:25 ----D---- C:\Windows\SysWOW64
2013-01-10 18:41:24 ----D---- C:\Windows\AppPatch
2013-01-10 18:41:24 ----D---- C:\Program Files (x86)\Common Files
2013-01-10 17:27:47 ----SHD---- C:\Windows\Installer
2013-01-10 17:27:08 ----RD---- C:\Program Files (x86)
2013-01-10 17:26:50 ----SHD---- C:\System Volume Information
2013-01-10 14:52:04 ----D---- C:\Windows\Tasks
2013-01-10 13:38:49 ----D---- C:\Config.Msi
2013-01-10 13:36:38 ----A---- C:\Windows\system32\mrt.exe
2013-01-10 13:36:29 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 11:39:17 ----D---- C:\Windows\system32\Tasks
2013-01-09 21:28:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-08 09:00:20 ----D---- C:\Windows\system32\catroot2
2013-01-04 09:24:06 ----D---- C:\Windows\system32\WDI
2012-12-31 13:12:45 ----RSD---- C:\Windows\assembly
2012-12-31 13:12:45 ----D---- C:\Windows\Microsoft.NET
2012-12-31 12:33:33 ----RD---- C:\Program Files
2012-12-31 12:21:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-29 11:22:37 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\Chief Architect Premier X5
2012-12-24 10:29:01 ----RSD---- C:\Windows\Fonts
2012-12-23 22:21:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-12-23 21:23:56 ----SD---- C:\ProgramData\Microsoft
2012-12-23 20:58:44 ----D---- C:\Windows\system32\catroot
2012-12-23 15:20:47 ----D---- C:\Program Files\Common Files
2012-12-23 15:20:46 ----D---- C:\Program Files (x86)\Steinberg
2012-12-21 21:39:36 ----D---- C:\Program Files (x86)\Opera
2012-12-18 21:52:45 ----D---- C:\Users\Ivana & Peter\AppData\Roaming\Apple Computer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2008-06-11 395800]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-24 126944]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [2008-01-31 32304]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-02-19 28720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20080421.003\ENG64.SYS [2008-04-21 125488]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20080421.003\EX64.SYS [2008-04-21 1417776]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2008-06-09 459776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-17 9544736]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [2008-01-31 440880]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 emusba10;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys [2007-11-26 213272]
S3 IDSvia64;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20071204.002\IDSvia64.sys [2007-11-06 251952]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [2008-01-31 476720]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2008-09-19 172080]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 98816]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 46080]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-06 149864]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-06 149864]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-06 149864]
R2 emaudsv;E-MU Audio Service; C:\Windows\system32\emaudsv.exe [2007-11-26 25600]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
R2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-06-11 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-06 149864]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 nlsX86cc;This service enables products that use the Nalpeiron Licensing System.; C:\Windows\SysWOW64\nlssrv32.exe [2011-09-22 66560]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-17 355840]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-05-05 624856]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 comHost;COM Host; c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-21 267096]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2008-03-29 165416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-02-09 3220856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-09-19 1245064]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968]

-----------------EOF-----------------




jeeeej

mas to ciste
pokial sa kolega pusti do zaverecneho upratovania doporucil by som nainstalovat ServicePack 2

ok, dakujem pekne za info,pockam co napise a uvidime co dalej

drží se nám tam

stáhni a spusť http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
některé Antiviry jej mohou blokovat, proto je budeš muset na tu chvíli odstavit
- Zvol možnost Prohledat a poté Smazat a následně Zpráva - otevře se log, ten sem vlož

Naughty píše: Po stažení http://support.kaspersky.com/downloads/ ... killer.exe na plochu.

- spusť
- klik na volbu change parameters
- označ ve spodním okně obě možnosti (klik do čtverečku) -> OK
- klik na Start scan
- po ukončení kontroly objeví se okno, kde zkontroluj, zda se nachází všude volby Skip
- pokud ano klik na Continue
- pokud ne, v řádcích kde není uprav na Skip, nyní klik na Continue
- na disku C se objeví textový soubor majicí přibližně tvar TDSSKiller.2.6.2.0_27.09.2011_10.16.46_log
- obsah logu vlož do příspěvku.

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ivana & Peter [Admin rights]
Mode : Remove -- Date : 01/11/2013 12:00:03

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA332 +++++
--- User ---
[MBR] 88762c19c4ece4c5e0d1084bf22fee6e
[BSP] b0e065b0252c181de8d1541a3ba5cffb : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939446 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1923987456 | Size: 14421 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST350041 2AS USB Device +++++
--- User ---
[MBR] c42719a02416566555929f8284ee0e56
[BSP] d2483f4fb333556f0195ced646164585 : TestDisk MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic- SD/MMC USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_01112013_02d1200.txt >>
RKreport[1]_S_01112013_02d1159.txt ; RKreport[2]_D_01112013_02d1200.txt







12:01:21.0226 4900 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:01:21.0509 4900 ============================================================
12:01:21.0509 4900 Current date / time: 2013/01/11 12:01:21.0509
12:01:21.0509 4900 SystemInfo:
12:01:21.0509 4900
12:01:21.0509 4900 OS Version: 6.0.6001 ServicePack: 1.0
12:01:21.0509 4900 Product type: Workstation
12:01:21.0510 4900 ComputerName: IAP-PC
12:01:21.0510 4900 UserName: Ivana & Peter
12:01:21.0510 4900 Windows directory: C:\Windows
12:01:21.0510 4900 System windows directory: C:\Windows
12:01:21.0510 4900 Running under WOW64
12:01:21.0510 4900 Processor architecture: Intel x64
12:01:21.0510 4900 Number of processors: 4
12:01:21.0510 4900 Page size: 0x1000
12:01:21.0510 4900 Boot type: Normal boot
12:01:21.0510 4900 ============================================================
12:01:21.0981 4900 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:01:21.0986 4900 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:01:22.0005 4900 ============================================================
12:01:22.0005 4900 \Device\Harddisk0\DR0:
12:01:22.0006 4900 MBR partitions:
12:01:22.0006 4900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72ADB7C1
12:01:22.0006 4900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x72ADB800, BlocksNum 0x1C2A800
12:01:22.0006 4900 \Device\Harddisk1\DR1:
12:01:22.0007 4900 MBR partitions:
12:01:22.0007 4900 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:01:22.0007 4900 ============================================================
12:01:22.0024 4900 C: <-> \Device\Harddisk0\DR0\Partition1
12:01:22.0061 4900 D: <-> \Device\Harddisk0\DR0\Partition2
12:01:22.0132 4900 J: <-> \Device\Harddisk1\DR1\Partition1
12:01:22.0133 4900 ============================================================
12:01:22.0133 4900 Initialize success
12:01:22.0133 4900 ============================================================
12:02:06.0331 3452 ============================================================
12:02:06.0331 3452 Scan started
12:02:06.0331 3452 Mode: Manual; SigCheck; TDLFS;
12:02:06.0331 3452 ============================================================
12:02:06.0514 3452 ================ Scan system memory ========================
12:02:06.0514 3452 System memory - ok
12:02:06.0514 3452 ================ Scan services =============================
12:02:06.0667 3452 [ 8C99ED256A889D647935A97C543B7B85 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:02:06.0767 3452 ACPI - ok
12:02:06.0874 3452 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:02:06.0892 3452 AdobeARMservice - ok
12:02:06.0964 3452 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:02:06.0987 3452 AdobeFlashPlayerUpdateSvc - ok
12:02:07.0030 3452 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:02:07.0067 3452 adp94xx - ok
12:02:07.0074 3452 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:02:07.0128 3452 adpahci - ok
12:02:07.0134 3452 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:02:07.0161 3452 adpu160m - ok
12:02:07.0169 3452 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:02:07.0197 3452 adpu320 - ok
12:02:07.0220 3452 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:02:07.0309 3452 AeLookupSvc - ok
12:02:07.0334 3452 [ 9BB97042FA331A0FB4BDD98B9280A50A ] AFD C:\Windows\system32\drivers\afd.sys
12:02:07.0391 3452 AFD - ok
12:02:07.0417 3452 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:02:07.0440 3452 agp440 - ok
12:02:07.0452 3452 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:02:07.0477 3452 aic78xx - ok
12:02:07.0497 3452 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
12:02:07.0541 3452 ALG - ok
12:02:07.0549 3452 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
12:02:07.0569 3452 aliide - ok
12:02:07.0736 3452 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
12:02:07.0881 3452 AllShare ( UnsignedFile.Multi.Generic ) - warning
12:02:07.0881 3452 AllShare - detected UnsignedFile.Multi.Generic (1)
12:02:07.0901 3452 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
12:02:07.0922 3452 amdide - ok
12:02:07.0937 3452 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:02:07.0984 3452 AmdK8 - ok
12:02:08.0032 3452 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
12:02:08.0108 3452 androidusb - ok
12:02:08.0156 3452 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
12:02:08.0186 3452 Appinfo - ok
12:02:08.0233 3452 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:02:08.0250 3452 Apple Mobile Device - ok
12:02:08.0280 3452 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
12:02:08.0304 3452 arc - ok
12:02:08.0309 3452 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:02:08.0334 3452 arcsas - ok
12:02:08.0342 3452 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:02:08.0377 3452 AsyncMac - ok
12:02:08.0391 3452 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
12:02:08.0407 3452 atapi - ok
12:02:08.0443 3452 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:02:08.0509 3452 AudioEndpointBuilder - ok
12:02:08.0516 3452 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:02:08.0557 3452 AudioSrv - ok
12:02:08.0592 3452 [ 2843669C89A00950195F51DBB5DB0B8E ] Automatic LiveUpdate Scheduler c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
12:02:08.0613 3452 Automatic LiveUpdate Scheduler - ok
12:02:08.0624 3452 Beep - ok
12:02:08.0646 3452 [ BC4737AAFFA5964E4F8827C9B8C0EB8E ] BFE C:\Windows\System32\bfe.dll
12:02:08.0707 3452 BFE - ok
12:02:08.0743 3452 [ D896A0D43F8AB81ECB1FC6C24DECFD58 ] BITS C:\Windows\system32\qmgr.dll
12:02:08.0809 3452 BITS - ok
12:02:08.0831 3452 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:02:08.0874 3452 blbdrive - ok
12:02:08.0940 3452 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:02:08.0958 3452 Bonjour Service - ok
12:02:08.0984 3452 [ F0F035FCEC3554CC1B70C5611BD87951 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:02:09.0015 3452 bowser - ok
12:02:09.0028 3452 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:02:09.0060 3452 BrFiltLo - ok
12:02:09.0064 3452 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:02:09.0105 3452 BrFiltUp - ok
12:02:09.0140 3452 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
12:02:09.0175 3452 Browser - ok
12:02:09.0193 3452 BrowserProtect - ok
12:02:09.0211 3452 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
12:02:09.0358 3452 Brserid - ok
12:02:09.0364 3452 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:02:09.0439 3452 BrSerWdm - ok
12:02:09.0446 3452 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:02:09.0516 3452 BrUsbMdm - ok
12:02:09.0521 3452 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:02:09.0591 3452 BrUsbSer - ok
12:02:09.0623 3452 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:02:09.0688 3452 BTHMODEM - ok
12:02:09.0703 3452 catchme - ok
12:02:09.0744 3452 [ 5A6FD8778A42FD0BDC6F6ED9A181669B ] ccEvtMgr c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
12:02:09.0764 3452 ccEvtMgr - ok
12:02:09.0768 3452 [ 5A6FD8778A42FD0BDC6F6ED9A181669B ] ccSetMgr c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
12:02:09.0788 3452 ccSetMgr - ok
12:02:09.0809 3452 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:02:09.0858 3452 cdfs - ok
12:02:09.0874 3452 [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:02:09.0918 3452 cdrom - ok
12:02:09.0949 3452 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc C:\Windows\System32\certprop.dll
12:02:09.0983 3452 CertPropSvc - ok
12:02:10.0002 3452 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:02:10.0042 3452 circlass - ok
12:02:10.0058 3452 [ CAEDA2572B7042B11062F327F099251D ] CLFS C:\Windows\system32\CLFS.sys
12:02:10.0082 3452 CLFS - ok
12:02:10.0139 3452 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:02:10.0156 3452 clr_optimization_v2.0.50727_32 - ok
12:02:10.0197 3452 [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:02:10.0211 3452 clr_optimization_v2.0.50727_64 - ok
12:02:10.0270 3452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:02:10.0288 3452 clr_optimization_v4.0.30319_32 - ok
12:02:10.0307 3452 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:02:10.0321 3452 clr_optimization_v4.0.30319_64 - ok
12:02:10.0344 3452 [ 5A6FD8778A42FD0BDC6F6ED9A181669B ] CLTNetCnService c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
12:02:10.0363 3452 CLTNetCnService - ok
12:02:10.0386 3452 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:02:10.0407 3452 cmdide - ok
12:02:10.0439 3452 [ 41CC83C49CED7EBC4D6C5ADFB4EAFF00 ] comHost c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
12:02:10.0455 3452 comHost - ok
12:02:10.0460 3452 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:02:10.0480 3452 Compbatt - ok
12:02:10.0484 3452 COMSysApp - ok
12:02:10.0499 3452 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:02:10.0520 3452 crcdisk - ok
12:02:10.0538 3452 [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:02:10.0573 3452 CryptSvc - ok
12:02:10.0607 3452 [ 52CDADE8289FF21F1F2215FF51A5F36C ] DcomLaunch C:\Windows\system32\rpcss.dll
12:02:10.0663 3452 DcomLaunch - ok
12:02:10.0673 3452 [ 3725C43C9E90731ECA651D506CC599A3 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:02:10.0713 3452 DfsC - ok
12:02:10.0795 3452 [ 1781F99840979EE7B126C9073C377FD0 ] DFSR C:\Windows\system32\DFSR.exe
12:02:10.0903 3452 DFSR - ok
12:02:10.0951 3452 [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:02:10.0997 3452 Dhcp - ok
12:02:11.0019 3452 [ 2DC415FC05FB8A079F896CBBACB19324 ] disk C:\Windows\system32\drivers\disk.sys
12:02:11.0043 3452 disk - ok
12:02:11.0064 3452 [ DAF05293C1264E251D3A25E7E24B2DDF ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:02:11.0098 3452 Dnscache - ok
12:02:11.0111 3452 [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc C:\Windows\System32\dot3svc.dll
12:02:11.0158 3452 dot3svc - ok
12:02:11.0173 3452 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
12:02:11.0210 3452 DPS - ok
12:02:11.0229 3452 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:02:11.0264 3452 drmkaud - ok
12:02:11.0296 3452 [ 412964040CE920FF83AFF6B5B551BF99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:02:11.0349 3452 DXGKrnl - ok
12:02:11.0372 3452 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
12:02:11.0415 3452 E1G60 - ok
12:02:11.0437 3452 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
12:02:11.0475 3452 EapHost - ok
12:02:11.0490 3452 [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache C:\Windows\system32\drivers\ecache.sys
12:02:11.0515 3452 Ecache - ok
12:02:11.0550 3452 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:02:11.0592 3452 ehRecvr - ok
12:02:11.0607 3452 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
12:02:11.0628 3452 ehSched - ok
12:02:11.0642 3452 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
12:02:11.0668 3452 ehstart - ok
12:02:11.0700 3452 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:02:11.0736 3452 elxstor - ok
12:02:11.0759 3452 [ 2B8FE9090E08F491020EA67C6876249D ] emaudsv C:\Windows\system32\emaudsv.exe
12:02:11.0780 3452 emaudsv - ok
12:02:11.0803 3452 [ E4EB76D0A8FC43DB7F36302E1F33791F ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:02:11.0886 3452 EMDMgmt - ok
12:02:11.0905 3452 [ 5AB2749B29B34369E9170328AB39A3CA ] emusba10 C:\Windows\system32\DRIVERS\emusba10.sys
12:02:11.0930 3452 emusba10 - ok
12:02:11.0934 3452 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:02:11.0987 3452 ErrDev - ok
12:02:12.0010 3452 [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66 ] EventSystem C:\Windows\system32\es.dll
12:02:12.0060 3452 EventSystem - ok
12:02:12.0076 3452 [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:02:12.0128 3452 exfat - ok
12:02:12.0140 3452 ezSharedSvc - ok
12:02:12.0166 3452 [ FE731D345ED9EEABBC72A59B35941834 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:02:12.0220 3452 fastfat - ok
12:02:12.0225 3452 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:02:12.0266 3452 fdc - ok
12:02:12.0283 3452 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
12:02:12.0317 3452 fdPHost - ok
12:02:12.0331 3452 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
12:02:12.0392 3452 FDResPub - ok
12:02:12.0408 3452 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:02:12.0431 3452 FileInfo - ok
12:02:12.0447 3452 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:02:12.0487 3452 Filetrace - ok
12:02:12.0492 3452 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:02:12.0533 3452 flpydisk - ok
12:02:12.0540 3452 [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:02:12.0565 3452 FltMgr - ok
12:02:12.0604 3452 [ 73D0F1D32EDAE3DCC4E84468BF910ADD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:02:12.0618 3452 FontCache3.0.0.0 - ok
12:02:12.0631 3452 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:02:12.0670 3452 Fs_Rec - ok
12:02:12.0676 3452 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:02:12.0698 3452 gagp30kx - ok
12:02:12.0729 3452 [ CC1C8068B05283D63EC5FE782D2D3946 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
12:02:12.0750 3452 GameConsoleService - ok
12:02:12.0789 3452 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:02:12.0812 3452 GEARAspiWDM - ok
12:02:12.0838 3452 [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc C:\Windows\System32\gpsvc.dll
12:02:12.0905 3452 gpsvc - ok
12:02:12.0936 3452 [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:02:12.0980 3452 HDAudBus - ok
12:02:12.0992 3452 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:02:13.0067 3452 HidBth - ok
12:02:13.0084 3452 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:02:13.0128 3452 HidIr - ok
12:02:13.0136 3452 [ 0AA154538544E988429DA2D5AA803A6C ] hidserv C:\Windows\System32\hidserv.dll
12:02:13.0171 3452 hidserv - ok
12:02:13.0184 3452 [ 128E2DA8483FDD4DD0C7B3F9ABD6F323 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:02:13.0218 3452 HidUsb - ok
12:02:13.0233 3452 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
12:02:13.0269 3452 hkmsvc - ok
12:02:13.0311 3452 [ A3A30438C48D2D71556E120C9C7BA7A0 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
12:02:13.0322 3452 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
12:02:13.0322 3452 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
12:02:13.0373 3452 [ DEB82AF183F1CD06813D91ED104C645C ] HPBtnSrv c:\hp\HPEZBTN\HPBtnSrv.exe
12:02:13.0391 3452 HPBtnSrv - ok
12:02:13.0422 3452 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:02:13.0444 3452 HpCISSs - ok
12:02:13.0475 3452 [ E690736DA6C543F5D99C8FA27BEA31DB ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:02:13.0546 3452 HTTP - ok
12:02:13.0550 3452 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:02:13.0572 3452 i2omp - ok
12:02:13.0587 3452 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:02:13.0621 3452 i8042prt - ok
12:02:13.0659 3452 [ 5B19DFC29A9563A5DA5CA559BED83AA8 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:02:13.0682 3452 IAANTMON - ok
12:02:13.0703 3452 [ A5AFC75C01044C0DDA0231C4E26C15A0 ] iaStor C:\Windows\system32\drivers\iastor.sys
12:02:13.0723 3452 iaStor - ok
12:02:13.0745 3452 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:02:13.0773 3452 iaStorV - ok
12:02:13.0824 3452 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:02:13.0836 3452 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:02:13.0836 3452 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:02:13.0884 3452 [ 76EA63CDB2D88DAE7209691D089BEF1D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:02:13.0916 3452 idsvc - ok
12:02:13.0953 3452 [ 23B607081CFE7EF59EC7A59B616D5EF1 ] IDSvia64 C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20071204.002\IDSvia64.sys
12:02:13.0969 3452 IDSvia64 - ok
12:02:13.0978 3452 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:02:14.0008 3452 iirsp - ok
12:02:14.0036 3452 [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT C:\Windows\System32\ikeext.dll
12:02:14.0103 3452 IKEEXT - ok
12:02:14.0147 3452 [ 46CB3ABE8150E7B181E86D4906DE17E8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:02:14.0206 3452 IntcAzAudAddService - ok
12:02:14.0228 3452 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
12:02:14.0249 3452 intelide - ok
12:02:14.0260 3452 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:02:14.0294 3452 intelppm - ok
12:02:14.0308 3452 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:02:14.0345 3452 IPBusEnum - ok
12:02:14.0356 3452 [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:02:14.0398 3452 IpFilterDriver - ok
12:02:14.0437 3452 [ 3A0427F35E7F8C16BBC5B1BE32B8DE76 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:02:14.0464 3452 iphlpsvc - ok
12:02:14.0468 3452 IpInIp - ok
12:02:14.0487 3452 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:02:14.0529 3452 IPMIDRV - ok
12:02:14.0534 3452 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:02:14.0578 3452 IPNAT - ok
12:02:14.0644 3452 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:02:14.0674 3452 iPod Service - ok
12:02:14.0693 3452 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:02:14.0740 3452 IRENUM - ok
12:02:14.0758 3452 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:02:14.0779 3452 isapnp - ok
12:02:14.0794 3452 [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:02:14.0812 3452 iScsiPrt - ok
12:02:14.0817 3452 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:02:14.0840 3452 iteatapi - ok
12:02:14.0853 3452 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:02:14.0875 3452 iteraid - ok
12:02:14.0884 3452 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:02:14.0899 3452 kbdclass - ok
12:02:14.0907 3452 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:02:14.0947 3452 kbdhid - ok
12:02:14.0964 3452 [ 80F4593E92FF960E4763380D3168E498 ] KeyIso C:\Windows\system32\lsass.exe
12:02:14.0990 3452 KeyIso - ok
12:02:15.0000 3452 [ CCDCCE6224E1E207E953AF826B98A9D9 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:02:15.0032 3452 KSecDD - ok
12:02:15.0047 3452 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:02:15.0097 3452 ksthunk - ok
12:02:15.0127 3452 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
12:02:15.0182 3452 KtmRm - ok
12:02:15.0208 3452 [ 3F27C9CDAE606D74431E3AB39571A7F3 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:02:15.0239 3452 LanmanServer - ok
12:02:15.0270 3452 [ 6E25FFC6FEAD6544C6E9F1D23329570C ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:02:15.0302 3452 LanmanWorkstation - ok
12:02:15.0346 3452 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:02:15.0360 3452 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:02:15.0360 3452 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:02:15.0423 3452 [ EBB4CDB0B50D220604F0693B6588AC40 ] LiveUpdate c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
12:02:15.0502 3452 LiveUpdate - ok
12:02:15.0518 3452 [ 5A6FD8778A42FD0BDC6F6ED9A181669B ] LiveUpdate Notice c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
12:02:15.0538 3452 LiveUpdate Notice - ok
12:02:15.0559 3452 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:02:15.0613 3452 lltdio - ok
12:02:15.0637 3452 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:02:15.0680 3452 lltdsvc - ok
12:02:15.0694 3452 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:02:15.0739 3452 lmhosts - ok
12:02:15.0760 3452 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:02:15.0785 3452 LSI_FC - ok
12:02:15.0791 3452 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:02:15.0814 3452 LSI_SAS - ok
12:02:15.0829 3452 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:02:15.0854 3452 LSI_SCSI - ok
12:02:15.0868 3452 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
12:02:15.0910 3452 luafv - ok
12:02:15.0926 3452 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:02:15.0939 3452 MBAMProtector - ok
12:02:15.0969 3452 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:02:16.0004 3452 MBAMScheduler - ok
12:02:16.0038 3452 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:02:16.0066 3452 MBAMService - ok
12:02:16.0085 3452 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:02:16.0116 3452 Mcx2Svc - ok
12:02:16.0143 3452 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
12:02:16.0165 3452 megasas - ok
12:02:16.0175 3452 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:02:16.0208 3452 MegaSR - ok
12:02:16.0260 3452 Microsoft SharePoint Workspace Audit Service - ok
12:02:16.0277 3452 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
12:02:16.0311 3452 MMCSS - ok
12:02:16.0316 3452 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
12:02:16.0365 3452 Modem - ok
12:02:16.0390 3452 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:02:16.0425 3452 monitor - ok
12:02:16.0439 3452 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:02:16.0454 3452 mouclass - ok
12:02:16.0487 3452 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:02:16.0522 3452 mouhid - ok
12:02:16.0533 3452 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:02:16.0556 3452 MountMgr - ok
12:02:16.0576 3452 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
12:02:16.0600 3452 mpio - ok
12:02:16.0614 3452 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:02:16.0659 3452 mpsdrv - ok
12:02:16.0683 3452 [ 8A670648C755867A3AA38DA50BA569AA ] MpsSvc C:\Windows\system32\mpssvc.dll
12:02:16.0731 3452 MpsSvc - ok
12:02:16.0735 3452 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:02:16.0757 3452 Mraid35x - ok
12:02:16.0763 3452 [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:02:16.0811 3452 MRxDAV - ok
12:02:16.0839 3452 [ B698EB9ACC7ECD4927D99D268918F912 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:02:16.0877 3452 mrxsmb - ok
12:02:16.0895 3452 [ 9A797E27FD28500EE13D43000C931435 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:02:16.0934 3452 mrxsmb10 - ok
12:02:16.0952 3452 [ F9425D610712533107A264E2D5B2154B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:02:16.0983 3452 mrxsmb20 - ok
12:02:17.0000 3452 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
12:02:17.0023 3452 msahci - ok
12:02:17.0028 3452 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:02:17.0054 3452 msdsm - ok
12:02:17.0075 3452 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
12:02:17.0131 3452 MSDTC - ok
12:02:17.0148 3452 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:02:17.0188 3452 Msfs - ok
12:02:17.0205 3452 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:02:17.0223 3452 msisadrv - ok
12:02:17.0243 3452 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:02:17.0287 3452 MSiSCSI - ok
12:02:17.0291 3452 msiserver - ok
12:02:17.0317 3452 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:02:17.0357 3452 MSKSSRV - ok
12:02:17.0361 3452 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:02:17.0406 3452 MSPCLOCK - ok
12:02:17.0410 3452 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:02:17.0449 3452 MSPQM - ok
12:02:17.0463 3452 [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:02:17.0490 3452 MsRPC - ok
12:02:17.0508 3452 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:02:17.0523 3452 mssmbios - ok
12:02:17.0527 3452 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:02:17.0566 3452 MSTEE - ok
12:02:17.0571 3452 [ DDF133501F68D6988A0F55DFA88637B4 ] Mup C:\Windows\system32\Drivers\mup.sys
12:02:17.0595 3452 Mup - ok
12:02:17.0621 3452 [ C25022CDD18980846973B598900915F8 ] napagent C:\Windows\system32\qagentRT.dll
12:02:17.0666 3452 napagent - ok
12:02:17.0690 3452 [ 73B99C98FA3A2ED1566E02D6FE1913A5 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:02:17.0721 3452 NativeWifiP - ok
12:02:17.0769 3452 [ FD1B01884AFCD2D1F55F2584B7A12CBF ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20080421.003\ENG64.SYS
12:02:17.0783 3452 NAVENG - ok
12:02:17.0811 3452 [ 4D4B202DECC2A2C7F44EEA89DD7620F4 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20080421.003\EX64.SYS
12:02:17.0851 3452 NAVEX15 - ok
12:02:17.0877 3452 [ 2A2EE457AF36C5C9A6808C768BD3A12B ] NDIS C:\Windows\system32\drivers\ndis.sys
12:02:17.0904 3452 NDIS - ok
12:02:17.0915 3452 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:02:17.0957 3452 NdisTapi - ok
12:02:17.0972 3452 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:02:18.0023 3452 Ndisuio - ok
12:02:18.0039 3452 [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:02:18.0088 3452 NdisWan - ok
12:02:18.0094 3452 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:02:18.0141 3452 NDProxy - ok
12:02:18.0151 3452 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:02:18.0210 3452 NetBIOS - ok
12:02:18.0234 3452 [ 7A29CA243A629230799754162D80120F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:02:18.0279 3452 netbt - ok
12:02:18.0289 3452 [ 80F4593E92FF960E4763380D3168E498 ] Netlogon C:\Windows\system32\lsass.exe
12:02:18.0304 3452 Netlogon - ok
12:02:18.0327 3452 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
12:02:18.0368 3452 Netman - ok
12:02:18.0388 3452 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
12:02:18.0432 3452 netprofm - ok
12:02:18.0482 3452 [ 8E6AF418ED39B976B172F1CEA9E6F538 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:02:18.0551 3452 netr28x - ok
12:02:18.0577 3452 [ B84613B469B98E09F50A748C1D02E132 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:02:18.0592 3452 NetTcpPortSharing - ok
12:02:18.0610 3452 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:02:18.0634 3452 nfrd960 - ok
12:02:18.0656 3452 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
12:02:18.0704 3452 NlaSvc - ok
12:02:18.0774 3452 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
12:02:18.0790 3452 nlsX86cc ( UnsignedFile.Multi.Generic ) - warning
12:02:18.0790 3452 nlsX86cc - detected UnsignedFile.Multi.Generic (1)
12:02:18.0801 3452 [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:02:18.0843 3452 Npfs - ok
12:02:18.0848 3452 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
12:02:18.0888 3452 nsi - ok
12:02:18.0900 3452 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:02:18.0938 3452 nsiproxy - ok
12:02:18.0969 3452 [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:02:19.0023 3452 Ntfs - ok
12:02:19.0027 3452 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
12:02:19.0060 3452 Null - ok
12:02:19.0210 3452 [ 4E547AFC67317F7B38C498F7F1FA570C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:02:19.0473 3452 nvlddmkm - ok
12:02:19.0487 3452 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:02:19.0512 3452 nvraid - ok
12:02:19.0517 3452 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:02:19.0541 3452 nvstor - ok
12:02:19.0559 3452 [ 14981A9BF24726D2CB8A14395CF1B4CB ] nvsvc C:\Windows\system32\nvvsvc.exe
12:02:19.0616 3452 nvsvc - ok
12:02:19.0629 3452 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:02:19.0655 3452 nv_agp - ok
12:02:19.0661 3452 NwlnkFlt - ok
12:02:19.0666 3452 NwlnkFwd - ok
12:02:19.0690 3452 [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:02:19.0740 3452 ohci1394 - ok
12:02:19.0782 3452 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:19.0800 3452 ose - ok
12:02:19.0916 3452 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:02:20.0023 3452 osppsvc - ok
12:02:20.0219 3452 [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:02:20.0273 3452 p2pimsvc - ok
12:02:20.0294 3452 [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc C:\Windows\system32\p2psvc.dll
12:02:20.0332 3452 p2psvc - ok
12:02:20.0395 3452 [ 77CDC6C43D8C3E05D0E21B36EAABEBAE ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
12:02:20.0555 3452 PanService - ok
12:02:20.0580 3452 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:02:20.0645 3452 Parport - ok
12:02:20.0654 3452 [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:02:20.0676 3452 partmgr - ok
12:02:20.0702 3452 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:02:20.0720 3452 PcaSvc - ok
12:02:20.0726 3452 [ 2A5B2A51559066EA84742909B5B2CD69 ] pci C:\Windows\system32\drivers\pci.sys
12:02:20.0752 3452 pci - ok
12:02:20.0756 3452 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
12:02:20.0778 3452 pciide - ok
12:02:20.0785 3452 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:02:20.0814 3452 pcmcia - ok
12:02:20.0841 3452 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:02:20.0941 3452 PEAUTH - ok
12:02:20.0962 3452 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:02:20.0999 3452 PerfHost - ok
12:02:21.0038 3452 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:02:21.0102 3452 pla - ok
12:02:21.0123 3452 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:02:21.0168 3452 PlugPlay - ok
12:02:21.0194 3452 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:02:21.0220 3452 PNRPAutoReg - ok
12:02:21.0232 3452 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:02:21.0257 3452 PNRPsvc - ok
12:02:21.0289 3452 [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:02:21.0343 3452 PolicyAgent - ok
12:02:21.0372 3452 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:02:21.0422 3452 PptpMiniport - ok
12:02:21.0435 3452 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:02:21.0475 3452 Processor - ok
12:02:21.0496 3452 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll
12:02:21.0534 3452 ProfSvc - ok
12:02:21.0547 3452 [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:02:21.0563 3452 ProtectedStorage - ok
12:02:21.0576 3452 [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:02:21.0609 3452 PSched - ok
12:02:21.0650 3452 [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:02:21.0667 3452 PSI_SVC_2 - ok
12:02:21.0688 3452 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:02:21.0709 3452 PxHlpa64 - ok
12:02:21.0741 3452 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:02:21.0797 3452 ql2300 - ok
12:02:21.0815 3452 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:02:21.0846 3452 ql40xx - ok
12:02:21.0871 3452 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:02:21.0891 3452 QWAVE - ok
12:02:21.0902 3452 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:02:21.0921 3452 QWAVEdrv - ok
12:02:21.0925 3452 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:02:21.0964 3452 RasAcd - ok
12:02:22.0000 3452 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:02:22.0036 3452 RasAuto - ok
12:02:22.0053 3452 [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:02:22.0109 3452 Rasl2tp - ok
12:02:22.0134 3452 [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan C:\Windows\System32\rasmans.dll
12:02:22.0182 3452 RasMan - ok
12:02:22.0191 3452 [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:02:22.0231 3452 RasPppoe - ok
12:02:22.0236 3452 [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:02:22.0291 3452 RasSstp - ok
12:02:22.0306 3452 [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:02:22.0359 3452 rdbss - ok
12:02:22.0371 3452 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:02:22.0409 3452 RDPCDD - ok
12:02:22.0432 3452 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:02:22.0479 3452 rdpdr - ok
12:02:22.0484 3452 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:02:22.0523 3452 RDPENCDD - ok
12:02:22.0532 3452 [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:02:22.0589 3452 RDPWD - ok
12:02:22.0610 3452 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:02:22.0655 3452 RemoteAccess - ok
12:02:22.0673 3452 [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:02:22.0718 3452 RemoteRegistry - ok
12:02:22.0732 3452 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
12:02:22.0772 3452 RpcLocator - ok
12:02:22.0797 3452 [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs C:\Windows\system32\rpcss.dll
12:02:22.0823 3452 RpcSs - ok
12:02:22.0849 3452 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:02:22.0900 3452 rspndr - ok
12:02:22.0936 3452 [ 82B66ABF055611024E5DBB9FA556C11D ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
12:02:22.0977 3452 RTL8169 - ok
12:02:22.0982 3452 [ 80F4593E92FF960E4763380D3168E498 ] SamSs C:\Windows\system32\lsass.exe
12:02:22.0998 3452 SamSs - ok
12:02:23.0094 3452 [ 328100AF2EFD951EAB657384EC361B6F ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
12:02:23.0107 3452 SamsungAllShareV2.0 - ok
12:02:23.0129 3452 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:02:23.0152 3452 sbp2port - ok
12:02:23.0167 3452 [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:02:23.0203 3452 SCardSvr - ok
12:02:23.0225 3452 [ 3A09F31454DFEFBB124BAF378F90B636 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
12:02:23.0247 3452 SCDEmu - ok
12:02:23.0285 3452 [ CE75D26E0A1106129F4D156851E298ED ] Schedule C:\Windows\system32\schedsvc.dll
12:02:23.0335 3452 Schedule - ok
12:02:23.0356 3452 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:02:23.0390 3452 SCPolicySvc - ok
12:02:23.0400 3452 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:02:23.0424 3452 SDRSVC - ok
12:02:23.0445 3452 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:02:23.0501 3452 secdrv - ok
12:02:23.0516 3452 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
12:02:23.0556 3452 seclogon - ok
12:02:23.0568 3452 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll
12:02:23.0610 3452 SENS - ok
12:02:23.0623 3452 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:02:23.0684 3452 Serenum - ok
12:02:23.0689 3452 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
12:02:23.0747 3452 Serial - ok
12:02:23.0752 3452 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:02:23.0804 3452 sermouse - ok
12:02:23.0822 3452 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
12:02:23.0858 3452 SessionEnv - ok
12:02:23.0870 3452 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:02:23.0911 3452 sffdisk - ok
12:02:23.0916 3452 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:02:23.0955 3452 sffp_mmc - ok
12:02:23.0959 3452 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:02:24.0000 3452 sffp_sd - ok
12:02:24.0004 3452 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:02:24.0062 3452 sfloppy - ok
12:02:24.0097 3452 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:02:24.0138 3452 SharedAccess - ok
12:02:24.0164 3452 [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:02:24.0206 3452 ShellHWDetection - ok
12:02:24.0234 3452 [ 1980FE1F5A32067DAD1D8776B63C2669 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
12:02:24.0247 3452 SimpleSlideShowServer - ok
12:02:24.0271 3452 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:02:24.0293 3452 SiSRaid2 - ok
12:02:24.0297 3452 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:02:24.0321 3452 SiSRaid4 - ok
12:02:24.0374 3452 [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc C:\Windows\system32\SLsvc.exe
12:02:24.0453 3452 slsvc - ok
12:02:24.0466 3452 [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:02:24.0501 3452 SLUINotify - ok
12:02:24.0520 3452 [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:02:24.0562 3452 Smb - ok
12:02:24.0576 3452 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:02:24.0607 3452 SNMPTRAP - ok
12:02:24.0624 3452 [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr C:\Windows\system32\drivers\spldr.sys
12:02:24.0644 3452 spldr - ok
12:02:24.0676 3452 [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler C:\Windows\System32\spoolsv.exe
12:02:24.0706 3452 Spooler - ok
12:02:24.0730 3452 [ 7E4CC24A23262A84AE99DBFFEF69A6B0 ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS
12:02:24.0761 3452 SRTSP - ok
12:02:24.0776 3452 [ 8B1DEDEBA049A3E1DAF8219EEC87EB00 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS
12:02:24.0809 3452 SRTSPL - ok
12:02:24.0813 3452 [ 3DB35652E4460DA6730BB44908FA39CB ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS
12:02:24.0835 3452 SRTSPX - ok
12:02:24.0872 3452 [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:02:24.0925 3452 srv - ok
12:02:24.0948 3452 [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:02:24.0993 3452 srv2 - ok
12:02:25.0008 3452 [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:02:25.0035 3452 srvnet - ok
12:02:25.0079 3452 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
12:02:25.0117 3452 ssadbus - ok
12:02:25.0148 3452 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:02:25.0189 3452 ssadmdfl - ok
12:02:25.0208 3452 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
12:02:25.0259 3452 ssadmdm - ok
12:02:25.0271 3452 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
12:02:25.0315 3452 ssadserd - ok
12:02:25.0336 3452 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:02:25.0372 3452 SSDPSRV - ok
12:02:25.0395 3452 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:02:25.0435 3452 SstpSvc - ok
12:02:25.0460 3452 [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc C:\Windows\System32\wiaservc.dll
12:02:25.0486 3452 stisvc - ok
12:02:25.0499 3452 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:02:25.0518 3452 swenum - ok
12:02:25.0537 3452 [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv C:\Windows\System32\swprv.dll
12:02:25.0579 3452 swprv - ok
12:02:25.0630 3452 [ 438FAFE708C93B2236FC26B6F2BD5FD0 ] Symantec Core LC C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
12:02:25.0673 3452 Symantec Core LC - ok
12:02:25.0683 3452 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:02:25.0706 3452 Symc8xx - ok
12:02:25.0711 3452 [ 70C8D165063EB76F1A373B74456D2AAB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:02:25.0736 3452 SymEvent - ok
12:02:25.0774 3452 [ 93526D381FCFF03E666B767E2A920AC9 ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
12:02:25.0793 3452 SymIM - ok
12:02:25.0803 3452 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:02:25.0827 3452 Sym_hi - ok
12:02:25.0832 3452 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:02:25.0854 3452 Sym_u3 - ok
12:02:25.0881 3452 [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain C:\Windows\system32\sysmain.dll
12:02:25.0966 3452 SysMain - ok
12:02:25.0986 3452 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:02:26.0022 3452 TabletInputService - ok
12:02:26.0037 3452 [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv C:\Windows\System32\tapisrv.dll
12:02:26.0102 3452 TapiSrv - ok
12:02:26.0121 3452 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
12:02:26.0165 3452 TBS - ok
12:02:26.0211 3452 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:02:26.0266 3452 Tcpip - ok
12:02:26.0345 3452 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:02:26.0393 3452 Tcpip6 - ok
12:02:26.0412 3452 [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:02:26.0454 3452 tcpipreg - ok
12:02:26.0462 3452 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:02:26.0509 3452 TDPIPE - ok
12:02:26.0513 3452 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:02:26.0553 3452 TDTCP - ok
12:02:26.0569 3452 [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:02:26.0605 3452 tdx - ok
12:02:26.0615 3452 [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:02:26.0635 3452 TermDD - ok
12:02:26.0660 3452 [ F870A5589D6A94B426EFB13689023946 ] TermService C:\Windows\System32\termsrv.dll
12:02:26.0705 3452 TermService - ok
12:02:26.0722 3452 [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes C:\Windows\system32\shsvcs.dll
12:02:26.0742 3452 Themes - ok
12:02:26.0768 3452 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
12:02:26.0801 3452 THREADORDER - ok
12:02:26.0816 3452 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
12:02:26.0857 3452 TrkWks - ok
12:02:26.0888 3452 [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:02:26.0931 3452 TrustedInstaller - ok
12:02:26.0957 3452 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:02:27.0010 3452 tssecsrv - ok
12:02:27.0024 3452 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:02:27.0058 3452 tunmp - ok
12:02:27.0090 3452 [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:02:27.0113 3452 tunnel - ok
12:02:27.0117 3452 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:02:27.0140 3452 uagp35 - ok
12:02:27.0148 3452 [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:02:27.0194 3452 udfs - ok
12:02:27.0223 3452 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:02:27.0258 3452 UI0Detect - ok
12:02:27.0263 3452 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:02:27.0285 3452 uliagpkx - ok
12:02:27.0299 3452 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:02:27.0328 3452 uliahci - ok
12:02:27.0333 3452 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:02:27.0359 3452 UlSata - ok
12:02:27.0364 3452 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:02:27.0390 3452 ulsata2 - ok
12:02:27.0404 3452 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:02:27.0443 3452 umbus - ok
12:02:27.0459 3452 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
12:02:27.0517 3452 upnphost - ok
12:02:27.0537 3452 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:02:27.0568 3452 USBAAPL64 - ok
12:02:27.0598 3452 [ C899FB269BE4740DBE2801B204CD71D4 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:02:27.0642 3452 usbaudio - ok
12:02:27.0669 3452 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:02:27.0698 3452 usbccgp - ok
12:02:27.0703 3452 [ 8C39D53E1A343F4C47EE8F3C052126D8 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
12:02:27.0751 3452 usbcir - ok
12:02:27.0765 3452 [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:02:27.0812 3452 usbehci - ok
12:02:27.0830 3452 [ 99045369AE3216216573D0775FD7ED56 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:02:27.0877 3452 usbhub - ok
12:02:27.0889 3452 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:02:27.0962 3452 usbohci - ok
12:02:27.0983 3452 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:02:28.0022 3452 usbprint - ok
12:02:28.0063 3452 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:02:28.0097 3452 usbscan - ok
12:02:28.0123 3452 [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:02:28.0164 3452 USBSTOR - ok
12:02:28.0175 3452 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:02:28.0212 3452 usbuhci - ok
12:02:28.0220 3452 [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms C:\Windows\System32\uxsms.dll
12:02:28.0256 3452 UxSms - ok
12:02:28.0273 3452 [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds C:\Windows\System32\vds.exe
12:02:28.0329 3452 vds - ok
12:02:28.0349 3452 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:02:28.0395 3452 vga - ok
12:02:28.0407 3452 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:02:28.0447 3452 VgaSave - ok
12:02:28.0452 3452 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
12:02:28.0472 3452 viaide - ok
12:02:28.0480 3452 [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:02:28.0503 3452 volmgr - ok
12:02:28.0511 3452 [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:02:28.0543 3452 volmgrx - ok
12:02:28.0550 3452 [ DE4307412D98050239026E56A7DFF3C0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:02:28.0579 3452 volsnap - ok
12:02:28.0594 3452 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:02:28.0620 3452 vsmraid - ok
12:02:28.0653 3452 [ 186BD53F8A408AD20F5A056C05678629 ] VSS C:\Windows\system32\vssvc.exe
12:02:28.0716 3452 VSS - ok
12:02:28.0730 3452 [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time C:\Windows\system32\w32time.dll
12:02:28.0786 3452 W32Time - ok
12:02:28.0804 3452 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:02:28.0861 3452 WacomPen - ok
12:02:28.0875 3452 [ AEA75207E443C8623C36B8D03596F84F ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:02:28.0929 3452 Wanarp - ok
12:02:28.0933 3452 [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:02:28.0969 3452 Wanarpv6 - ok
12:02:28.0989 3452 [ 055449247C490E24B968B44FE8A969EB ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:02:29.0027 3452 wcncsvc - ok
12:02:29.0044 3452 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:02:29.0079 3452 WcsPlugInService - ok
12:02:29.0088 3452 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
12:02:29.0108 3452 Wd - ok
12:02:29.0133 3452 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:02:29.0181 3452 Wdf01000 - ok
12:02:29.0196 3452 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:02:29.0233 3452 WdiServiceHost - ok
12:02:29.0237 3452 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:02:29.0273 3452 WdiSystemHost - ok
12:02:29.0318 3452 [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient C:\Windows\System32\webclnt.dll
12:02:29.0350 3452 WebClient - ok
12:02:29.0375 3452 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:02:29.0417 3452 Wecsvc - ok
12:02:29.0435 3452 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:02:29.0474 3452 wercplsupport - ok
12:02:29.0502 3452 [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc C:\Windows\System32\WerSvc.dll
12:02:29.0533 3452 WerSvc - ok
12:02:29.0544 3452 WinDefend - ok
12:02:29.0550 3452 WinHttpAutoProxySvc - ok
12:02:29.0591 3452 [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:02:29.0627 3452 Winmgmt - ok
12:02:29.0675 3452 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
12:02:29.0895 3452 WinRM - ok
12:02:29.0975 3452 [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc C:\Windows\System32\wlansvc.dll
12:02:30.0032 3452 Wlansvc - ok
12:02:30.0053 3452 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:02:30.0098 3452 WmiAcpi - ok
12:02:30.0114 3452 [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:02:30.0171 3452 wmiApSrv - ok
12:02:30.0197 3452 WMPNetworkSvc - ok
12:02:30.0217 3452 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:02:30.0248 3452 WPCSvc - ok
12:02:30.0262 3452 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:02:30.0285 3452 WPDBusEnum - ok
12:02:30.0308 3452 [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:02:30.0342 3452 WpdUsb - ok
12:02:30.0408 3452 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:02:30.0440 3452 WPFFontCache_v0400 - ok
12:02:30.0462 3452 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:02:30.0503 3452 ws2ifsl - ok
12:02:30.0533 3452 [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc C:\Windows\system32\wscsvc.dll
12:02:30.0552 3452 wscsvc - ok
12:02:30.0556 3452 WSearch - ok
12:02:30.0608 3452 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll
12:02:30.0682 3452 wuauserv - ok
12:02:30.0702 3452 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:02:30.0744 3452 WUDFRd - ok
12:02:30.0755 3452 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:02:30.0791 3452 wudfsvc - ok
12:02:30.0798 3452 ================ Scan global ===============================
12:02:30.0817 3452 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:02:30.0843 3452 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
12:02:30.0858 3452 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
12:02:30.0881 3452 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
12:02:30.0884 3452 [Global] - ok
12:02:30.0884 3452 ================ Scan MBR ==================================
12:02:30.0892 3452 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
12:02:31.0319 3452 \Device\Harddisk0\DR0 - ok
12:02:31.0323 3452 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:02:31.0677 3452 \Device\Harddisk1\DR1 - ok
12:02:31.0678 3452 ================ Scan VBR ==================================
12:02:31.0680 3452 [ D38498D8E80A3E48EBF6EECC43F37DE4 ] \Device\Harddisk0\DR0\Partition1
12:02:31.0682 3452 \Device\Harddisk0\DR0\Partition1 - ok
12:02:31.0685 3452 [ 239A245AEC9282A1123702E4B86FC107 ] \Device\Harddisk0\DR0\Partition2
12:02:31.0687 3452 \Device\Harddisk0\DR0\Partition2 - ok
12:02:31.0691 3452 [ DA5DEF75BB81028110FDB12E54669DC1 ] \Device\Harddisk1\DR1\Partition1
12:02:31.0694 3452 \Device\Harddisk1\DR1\Partition1 - ok
12:02:31.0695 3452 ============================================================
12:02:31.0695 3452 Scan finished
12:02:31.0695 3452 ============================================================
12:02:31.0705 4708 Detected object count: 5
12:02:31.0705 4708 Actual detected object count: 5
12:02:45.0831 4708 AllShare ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:45.0831 4708 AllShare ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:45.0831 4708 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:45.0831 4708 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:45.0833 4708 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:45.0833 4708 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:45.0834 4708 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:45.0834 4708 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:45.0836 4708 nlsX86cc ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:45.0837 4708 nlsX86cc ( UnsignedFile.Multi.Generic ) - User select action: Skip

zdá se, že máš čisto
a jestli už nenacházíš nic podivného, tak po sobě uklidím

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Nakonec mi dej současný RSIT log

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština

Kdyby něco z návodu nefungovalo, pokračuj dalším krokem.