VIRY.CZ

Ahoj, mám nový netbook asi 3 dny a instaluji AVG, Terminator, Openoffice atd. a s něčím se mi dostal do počítače i rootkit. AVG ho najde,ale neodstraní. Koupil jsem dva stejné přístroje a instaluji stejné věci a oba mají stejný problém.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Datart at 2012-06-28 13:14:03
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 257 GB (89%) free of 288 GB
Total RAM: 1012 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:14:52, on 28.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Acer\Android Manager\iSync.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Acer\Updater\iUpdate.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Compcare\ikonka.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Datart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JVD6SL9A\RSIT.exe
C:\Program Files\trend micro\Datart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe
O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe
O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Ikonka.lnk = C:\Program Files\Compcare\ikonka.exe
O4 - Global Startup: Acer VCM.lnk = ?
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: McAfee Application Installer Cleanup (0294881340569512) (0294881340569512mcinstcleanup) - Unknown owner - C:\Users\Datart\AppData\Local\Temp\029488~1.EXE (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

--
End of file - 9821 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-25 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll [2012-06-26 2068536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-25 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll [2012-06-26 2068536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"Norton Online Backup"=C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 966488]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]
"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]
"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]
"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-06-26 1104440]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-06-21 2786512]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-06-21 3669712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Users\Datart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Ikonka.lnk - C:\Program Files\Compcare\ikonka.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-24 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-28 13:14:05 ----D---- C:\Program Files\trend micro
2012-06-28 13:14:02 ----D---- C:\rsit
2012-06-28 09:34:34 ----D---- C:\Users\Datart\AppData\Roaming\vlc
2012-06-28 09:30:43 ----D---- C:\Program Files\VideoLAN
2012-06-25 20:13:15 ----D---- C:\Program Files\Common Files\DESIGNER
2012-06-25 20:13:07 ----D---- C:\Program Files\Microsoft Application Virtualization Client
2012-06-25 20:12:32 ----D---- C:\Users\Datart\AppData\Roaming\TP
2012-06-25 16:49:50 ----D---- C:\Program Files\Common Files\Java
2012-06-25 16:47:52 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-06-25 16:47:52 ----A---- C:\Windows\system32\javaws.exe
2012-06-25 16:47:51 ----A---- C:\Windows\system32\javaw.exe
2012-06-25 16:47:51 ----A---- C:\Windows\system32\java.exe
2012-06-25 16:47:08 ----D---- C:\Program Files\Java
2012-06-25 16:34:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-06-24 23:50:25 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-24 23:50:24 ----A---- C:\Windows\system32\iertutil.dll
2012-06-24 23:50:21 ----A---- C:\Windows\system32\ieui.dll
2012-06-24 23:50:20 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-24 23:50:16 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-24 23:50:15 ----A---- C:\Windows\system32\wininet.dll
2012-06-24 23:50:13 ----A---- C:\Windows\system32\jscript.dll
2012-06-24 23:50:10 ----A---- C:\Windows\system32\jscript9.dll
2012-06-24 23:50:09 ----A---- C:\Windows\system32\url.dll
2012-06-24 23:50:05 ----A---- C:\Windows\system32\urlmon.dll
2012-06-24 23:49:58 ----A---- C:\Windows\system32\mshtml.dll
2012-06-24 23:49:56 ----A---- C:\Windows\system32\ieframe.dll
2012-06-24 23:34:27 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-24 23:34:25 ----A---- C:\Windows\system32\wmi.dll
2012-06-24 23:34:25 ----A---- C:\Windows\system32\wintrust.dll
2012-06-24 23:34:24 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-24 23:02:53 ----D---- C:\ProgramData\CyberLink
2012-06-24 23:02:52 ----D---- C:\Users\Datart\AppData\Roaming\CyberLink
2012-06-24 22:45:50 ----D---- C:\Users\Datart\AppData\Roaming\AVG
2012-06-24 22:42:18 ----N---- C:\Windows\system32\MpSigStub.exe
2012-06-24 21:58:38 ----D---- C:\Users\Datart\AppData\Roaming\ICQ
2012-06-24 21:57:30 ----D---- C:\Program Files\ICQ7M
2012-06-24 21:46:55 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2012-06-24 21:46:51 ----D---- C:\Users\Datart\AppData\Roaming\Spyware Terminator
2012-06-24 21:46:51 ----D---- C:\ProgramData\Spyware Terminator
2012-06-24 21:43:45 ----D---- C:\Program Files\Spyware Terminator
2012-06-24 21:25:38 ----D---- C:\Users\Datart\AppData\Roaming\AVG2012
2012-06-24 21:22:34 ----D---- C:\ProgramData\AVG Secure Search
2012-06-24 21:22:29 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-06-24 21:22:26 ----D---- C:\Program Files\AVG Secure Search
2012-06-24 21:20:55 ----D---- C:\Windows\system32\drivers\AVG
2012-06-24 21:20:55 ----D---- C:\ProgramData\AVG2012
2012-06-24 21:19:40 ----D---- C:\Program Files\AVG
2012-06-24 21:15:36 ----HD---- C:\ProgramData\Common Files
2012-06-24 21:15:07 ----D---- C:\ProgramData\MFAData
2012-06-24 21:07:19 ----D---- C:\Users\Datart\AppData\Roaming\OpenOffice.org
2012-06-24 21:03:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-06-24 19:53:00 ----D---- C:\Users\Datart\AppData\Roaming\WildTangent
2012-06-24 19:27:57 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-24 19:27:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-24 19:27:21 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-06-24 19:27:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-24 19:27:01 ----A---- C:\Windows\system32\msi.dll
2012-06-24 19:26:57 ----A---- C:\Windows\system32\win32k.sys
2012-06-24 19:26:53 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-24 19:26:52 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-24 19:26:52 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-24 19:26:46 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-24 19:26:42 ----A---- C:\Windows\system32\profsvc.dll
2012-06-24 19:26:38 ----A---- C:\Windows\system32\DWrite.dll
2012-06-24 19:26:27 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-24 19:26:27 ----A---- C:\Windows\system32\crypt32.dll
2012-06-24 19:26:26 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-24 19:19:03 ----D---- C:\Users\Datart\AppData\Roaming\Media Player Classic
2012-06-24 19:11:11 ----A---- C:\Windows\system32\wups2.dll
2012-06-24 19:11:11 ----A---- C:\Windows\system32\wucltux.dll
2012-06-24 19:11:11 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-24 19:11:10 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-24 19:10:50 ----A---- C:\Windows\system32\wups.dll
2012-06-24 19:10:50 ----A---- C:\Windows\system32\wudriver.dll
2012-06-24 19:10:50 ----A---- C:\Windows\system32\wuapi.dll
2012-06-24 19:10:36 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-24 19:10:36 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2012-06-28 13:14:54 ----D---- C:\Windows\Temp
2012-06-28 13:14:05 ----RD---- C:\Program Files
2012-06-28 13:05:09 ----D---- C:\Windows\system32\config
2012-06-28 12:25:12 ----D---- C:\Windows\System32
2012-06-28 12:25:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-28 12:25:11 ----D---- C:\Windows\inf
2012-06-26 20:59:18 ----SHD---- C:\Windows\Installer
2012-06-26 07:19:38 ----D---- C:\Windows\system32\wdi
2012-06-26 07:19:37 ----D---- C:\Windows\Prefetch
2012-06-25 20:14:02 ----D---- C:\Windows\system32\Tasks
2012-06-25 20:14:02 ----D---- C:\Windows\system32\drivers
2012-06-25 20:13:19 ----D---- C:\Program Files\Common Files\microsoft shared
2012-06-25 20:13:15 ----D---- C:\Program Files\Common Files
2012-06-25 20:13:09 ----SD---- C:\ProgramData\Microsoft
2012-06-25 20:13:07 ----D---- C:\Program Files\Microsoft Office
2012-06-25 19:55:40 ----D---- C:\Windows\Microsoft.NET
2012-06-25 19:47:36 ----RSD---- C:\Windows\assembly
2012-06-25 18:14:18 ----D---- C:\Windows\system32\catroot2
2012-06-25 18:14:18 ----D---- C:\Windows\system32\catroot
2012-06-25 18:14:16 ----D---- C:\Windows\system32\DriverStore
2012-06-25 17:00:30 ----D---- C:\Windows\winsxs
2012-06-25 16:47:15 ----A---- C:\Windows\system32\deployJava1.dll
2012-06-25 16:43:45 ----SHD---- C:\System Volume Information
2012-06-25 16:38:42 ----D---- C:\Windows\rescache
2012-06-25 16:34:36 ----D---- C:\Windows\Tasks
2012-06-25 16:28:48 ----D---- C:\Program Files\Common Files\mcafee
2012-06-25 03:06:57 ----D---- C:\Windows\system32\cs-CZ
2012-06-25 03:06:53 ----D---- C:\Windows\system32\migration
2012-06-25 03:06:51 ----D---- C:\Program Files\Internet Explorer
2012-06-25 03:06:40 ----D---- C:\Program Files\Windows Sidebar
2012-06-25 03:06:38 ----D---- C:\Program Files\Windows Photo Viewer
2012-06-25 03:06:38 ----D---- C:\Program Files\Windows Media Player
2012-06-25 03:06:38 ----D---- C:\Program Files\Windows Mail
2012-06-25 03:06:38 ----D---- C:\Program Files\Windows Defender
2012-06-25 03:06:38 ----D---- C:\Program Files\DVD Maker
2012-06-25 03:06:38 ----D---- C:\Program Files\Common Files\System
2012-06-25 03:06:37 ----D---- C:\Windows\servicing
2012-06-25 03:06:37 ----D---- C:\Windows
2012-06-25 03:06:36 ----D---- C:\Windows\en-US
2012-06-25 03:06:35 ----D---- C:\Windows\system32\winrm
2012-06-25 03:06:34 ----D---- C:\Windows\system32\oobe
2012-06-25 03:06:34 ----D---- C:\Windows\system32\migwiz
2012-06-25 03:06:34 ----D---- C:\Windows\system32\en
2012-06-25 03:06:33 ----D---- C:\Windows\system32\sysprep
2012-06-25 03:06:33 ----D---- C:\Windows\system32\slmgr
2012-06-25 03:06:33 ----D---- C:\Windows\system32\Boot
2012-06-25 03:06:32 ----D---- C:\Windows\system32\sk-SK
2012-06-25 03:06:23 ----D---- C:\Windows\system32\drivers\en-US
2012-06-25 03:06:22 ----D---- C:\Windows\system32\en-US
2012-06-25 03:06:12 ----D---- C:\Windows\system32\WCN
2012-06-25 03:06:12 ----D---- C:\Windows\system32\Dism
2012-06-25 03:06:07 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-06-25 03:06:05 ----D---- C:\Windows\system32\wbem
2012-06-25 03:05:35 ----D---- C:\Windows\Speech
2012-06-25 02:52:09 ----AD---- C:\ProgramData\Temp
2012-06-24 23:20:54 ----SD---- C:\Users\Datart\AppData\Roaming\Microsoft
2012-06-24 23:12:35 ----D---- C:\ProgramData\Skype
2012-06-24 23:02:53 ----HD---- C:\ProgramData
2012-06-24 22:47:07 ----D---- C:\Windows\Downloaded Program Files
2012-06-24 22:00:04 ----HD---- C:\Program Files\InstallShield Installation Information
2012-06-24 21:03:35 ----RSD---- C:\Windows\Fonts
2012-06-24 20:20:45 ----D---- C:\Windows\Logs
2012-06-24 19:53:00 ----D---- C:\ProgramData\WildTangent
2012-06-03 23:35:34 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]
R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NOBU;Norton Online Backup; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2057560]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-06-21 483024]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-26 935480]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 0294881340569512mcinstcleanup;McAfee Application Installer Cleanup (0294881340569512); C:\Users\Datart\AppData\Local\Temp\029488~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 257224]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4640000]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Dobre odpoledne ,

kde hlasi AVG rootkita?

Stáhněte MBAM a vložte sem jeho log podle návodu zde, při výběru skenu zvolte Úplný sken. Zatím nic nemažte, MBAM může mít falešné detekce.

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

(šablona © Vyosek)

Dobrý den, rootkit je na C:windows/system32/drivers/sp_rsdrv2.sys

hned udělám zbytek úkonů a pošlu...zatím děkuji

Jasne, kdybych neodpovidal hned, nepropadejte panice, nejpozdeji vecer se k tomu urcite dostanu.

Co se tyce uvedeneho souboru, je to driver Spyware Terminatora a jde zrejme o plany poplach, ale s konecnym verdiktem pockam na dalsi logy.

14:02:38.0420 5180 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
14:02:39.0884 5180 ============================================================
14:02:39.0884 5180 Current date / time: 2012/06/28 14:02:39.0884
14:02:39.0884 5180 SystemInfo:
14:02:39.0885 5180
14:02:39.0885 5180 OS Version: 6.1.7601 ServicePack: 1.0
14:02:39.0885 5180 Product type: Workstation
14:02:39.0886 5180 ComputerName: DATART-PC
14:02:39.0886 5180 UserName: Datart
14:02:39.0887 5180 Windows directory: C:\Windows
14:02:39.0887 5180 System windows directory: C:\Windows
14:02:39.0887 5180 Processor architecture: Intel x86
14:02:39.0887 5180 Number of processors: 4
14:02:39.0887 5180 Page size: 0x1000
14:02:39.0887 5180 Boot type: Normal boot
14:02:39.0887 5180 ============================================================
14:02:43.0931 5180 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:02:43.0960 5180 ============================================================
14:02:43.0961 5180 \Device\Harddisk0\DR0:
14:02:43.0961 5180 MBR partitions:
14:02:43.0961 5180 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x1A00800, BlocksNum 0x833800
14:02:43.0961 5180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2234000, BlocksNum 0x32000
14:02:43.0976 5180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2266800, BlocksNum 0x231C7800
14:02:43.0976 5180 ============================================================
14:02:44.0113 5180 C: <-> \Device\Harddisk0\DR0\Partition2
14:02:44.0134 5180 D: <-> \Device\Harddisk0\DR0\Partition0
14:02:44.0220 5180 ============================================================
14:02:44.0220 5180 Initialize success
14:02:44.0220 5180 ============================================================
14:03:30.0498 3276 ============================================================
14:03:30.0499 3276 Scan started
14:03:30.0499 3276 Mode: Manual; SigCheck; TDLFS;
14:03:30.0499 3276 ============================================================
14:03:31.0080 3276 0294881340569512mcinstcleanup - ok
14:03:31.0398 3276 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:03:31.0832 3276 1394ohci - ok
14:03:32.0517 3276 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:03:32.0595 3276 ACPI - ok
14:03:32.0705 3276 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:03:32.0892 3276 AcpiPmi - ok
14:03:33.0196 3276 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:03:33.0274 3276 AdobeFlashPlayerUpdateSvc - ok
14:03:33.0413 3276 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
14:03:33.0481 3276 adp94xx - ok
14:03:33.0541 3276 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
14:03:33.0603 3276 adpahci - ok
14:03:33.0642 3276 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
14:03:33.0769 3276 adpu320 - ok
14:03:33.0943 3276 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
14:03:34.0303 3276 AeLookupSvc - ok
14:03:34.0468 3276 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:03:34.0626 3276 AFD - ok
14:03:34.0657 3276 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:03:34.0708 3276 agp440 - ok
14:03:35.0021 3276 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
14:03:35.0115 3276 aic78xx - ok
14:03:35.0190 3276 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
14:03:35.0316 3276 ALG - ok
14:03:35.0411 3276 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:03:35.0463 3276 aliide - ok
14:03:35.0495 3276 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:03:35.0563 3276 amdagp - ok
14:03:35.0586 3276 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:03:35.0638 3276 amdide - ok
14:03:35.0665 3276 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
14:03:35.0748 3276 AmdK8 - ok
14:03:35.0764 3276 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
14:03:35.0871 3276 AmdPPM - ok
14:03:35.0954 3276 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:03:36.0015 3276 amdsata - ok
14:03:36.0060 3276 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
14:03:36.0120 3276 amdsbs - ok
14:03:36.0174 3276 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:03:36.0232 3276 amdxata - ok
14:03:36.0354 3276 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:03:36.0510 3276 AppID - ok
14:03:36.0611 3276 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
14:03:36.0735 3276 AppIDSvc - ok
14:03:36.0857 3276 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
14:03:37.0009 3276 Appinfo - ok
14:03:37.0223 3276 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
14:03:37.0310 3276 arc - ok
14:03:37.0354 3276 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
14:03:37.0407 3276 arcsas - ok
14:03:37.0429 3276 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:03:37.0672 3276 AsyncMac - ok
14:03:37.0753 3276 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:03:37.0809 3276 atapi - ok
14:03:37.0933 3276 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:03:38.0059 3276 AudioEndpointBuilder - ok
14:03:38.0075 3276 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:03:38.0172 3276 Audiosrv - ok
14:03:40.0267 3276 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
14:03:40.0581 3276 AVGIDSAgent - ok
14:03:41.0015 3276 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
14:03:41.0084 3276 AVGIDSDriver - ok
14:03:41.0167 3276 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
14:03:41.0210 3276 AVGIDSEH - ok
14:03:41.0279 3276 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
14:03:41.0338 3276 AVGIDSFilter - ok
14:03:41.0403 3276 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
14:03:41.0446 3276 AVGIDSShim - ok
14:03:41.0603 3276 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
14:03:41.0662 3276 Avgldx86 - ok
14:03:41.0843 3276 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
14:03:41.0941 3276 Avgmfx86 - ok
14:03:42.0025 3276 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
14:03:42.0081 3276 Avgrkx86 - ok
14:03:42.0205 3276 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
14:03:42.0260 3276 Avgtdix - ok
14:03:42.0905 3276 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
14:03:42.0965 3276 avgwd - ok
14:03:43.0235 3276 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
14:03:43.0737 3276 AxInstSV - ok
14:03:44.0103 3276 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
14:03:44.0276 3276 b06bdrv - ok
14:03:44.0974 3276 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:03:45.0071 3276 b57nd60x - ok
14:03:45.0294 3276 BBSvc (87f3bcf82a63e900af896cd930bf7e05) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
14:03:45.0391 3276 BBSvc - ok
14:03:45.0531 3276 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
14:03:45.0595 3276 BBUpdate - ok
14:03:45.0679 3276 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
14:03:45.0814 3276 BDESVC - ok
14:03:45.0877 3276 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:03:46.0048 3276 Beep - ok
14:03:46.0254 3276 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
14:03:46.0395 3276 BFE - ok
14:03:46.0581 3276 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
14:03:46.0803 3276 BITS - ok
14:03:46.0844 3276 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\drivers\blbdrive.sys
14:03:46.0920 3276 blbdrive - ok
14:03:46.0956 3276 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:03:47.0076 3276 bowser - ok
14:03:47.0103 3276 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
14:03:47.0175 3276 BrFiltLo - ok
14:03:47.0195 3276 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
14:03:47.0277 3276 BrFiltUp - ok
14:03:47.0334 3276 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
14:03:47.0456 3276 Browser - ok
14:03:47.0683 3276 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:03:47.0803 3276 Brserid - ok
14:03:47.0818 3276 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:03:47.0932 3276 BrSerWdm - ok
14:03:47.0959 3276 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:03:48.0045 3276 BrUsbMdm - ok
14:03:48.0057 3276 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:03:48.0184 3276 BrUsbSer - ok
14:03:48.0198 3276 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
14:03:48.0276 3276 BTHMODEM - ok
14:03:48.0405 3276 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
14:03:48.0524 3276 bthserv - ok
14:03:48.0778 3276 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:03:48.0952 3276 cdfs - ok
14:03:49.0282 3276 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:03:49.0409 3276 cdrom - ok
14:03:49.0650 3276 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:03:49.0793 3276 CertPropSvc - ok
14:03:49.0834 3276 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
14:03:49.0915 3276 circlass - ok
14:03:50.0031 3276 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:03:50.0097 3276 CLFS - ok
14:03:50.0656 3276 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:03:50.0754 3276 clr_optimization_v2.0.50727_32 - ok
14:03:51.0411 3276 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:03:51.0550 3276 clr_optimization_v4.0.30319_32 - ok
14:03:51.0621 3276 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys
14:03:51.0705 3276 CmBatt - ok
14:03:51.0741 3276 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:03:51.0795 3276 cmdide - ok
14:03:51.0940 3276 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
14:03:52.0062 3276 CNG - ok
14:03:52.0119 3276 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys
14:03:52.0171 3276 Compbatt - ok
14:03:52.0197 3276 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:03:52.0272 3276 CompositeBus - ok
14:03:52.0306 3276 COMSysApp - ok
14:03:52.0353 3276 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
14:03:52.0407 3276 crcdisk - ok
14:03:52.0501 3276 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
14:03:52.0673 3276 CryptSvc - ok
14:03:53.0360 3276 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:03:53.0482 3276 cvhsvc - ok
14:03:53.0667 3276 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:03:53.0794 3276 DcomLaunch - ok
14:03:53.0898 3276 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
14:03:54.0028 3276 defragsvc - ok
14:03:54.0386 3276 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:03:54.0545 3276 DfsC - ok
14:03:54.0649 3276 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
14:03:54.0756 3276 Dhcp - ok
14:03:54.0776 3276 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:03:54.0884 3276 discache - ok
14:03:54.0963 3276 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
14:03:55.0017 3276 Disk - ok
14:03:55.0073 3276 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
14:03:55.0276 3276 Dnscache - ok
14:03:55.0579 3276 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
14:03:55.0695 3276 dot3svc - ok
14:03:55.0781 3276 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
14:03:55.0933 3276 DPS - ok
14:03:56.0012 3276 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:03:56.0109 3276 drmkaud - ok
14:03:56.0356 3276 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files\Launch Manager\dsiwmis.exe
14:03:56.0418 3276 DsiWMIService - ok
14:03:56.0635 3276 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:03:56.0719 3276 DXGKrnl - ok
14:03:56.0971 3276 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
14:03:57.0133 3276 EapHost - ok
14:03:57.0826 3276 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
14:03:58.0035 3276 ebdrv - ok
14:03:58.0447 3276 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
14:03:58.0571 3276 EFS - ok
14:03:58.0995 3276 EgisTec Ticket Service (18dd872dd46acb24e106dc2c9c270466) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
14:03:59.0081 3276 EgisTec Ticket Service - ok
14:03:59.0253 3276 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
14:03:59.0329 3276 elxstor - ok
14:03:59.0599 3276 ePowerSvc (7240a2abc6c2f982a6d7be2bb5eb8d78) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
14:03:59.0688 3276 ePowerSvc - ok
14:03:59.0734 3276 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:03:59.0830 3276 ErrDev - ok
14:04:00.0023 3276 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
14:04:00.0162 3276 EventSystem - ok
14:04:00.0232 3276 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:04:00.0372 3276 exfat - ok
14:04:00.0408 3276 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:04:00.0517 3276 fastfat - ok
14:04:00.0757 3276 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
14:04:00.0956 3276 Fax - ok
14:04:01.0007 3276 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys
14:04:01.0076 3276 fdc - ok
14:04:01.0165 3276 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
14:04:01.0325 3276 fdPHost - ok
14:04:01.0378 3276 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
14:04:01.0493 3276 FDResPub - ok
14:04:01.0655 3276 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:04:01.0759 3276 FileInfo - ok
14:04:01.0799 3276 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:04:01.0892 3276 Filetrace - ok
14:04:01.0952 3276 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys
14:04:02.0018 3276 flpydisk - ok
14:04:02.0122 3276 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:04:02.0186 3276 FltMgr - ok
14:04:02.0749 3276 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
14:04:02.0900 3276 FontCache - ok
14:04:03.0134 3276 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:04:03.0278 3276 FontCache3.0.0.0 - ok
14:04:03.0378 3276 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:04:03.0443 3276 FsDepends - ok
14:04:03.0515 3276 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
14:04:03.0576 3276 Fs_Rec - ok
14:04:03.0622 3276 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:04:03.0686 3276 fvevol - ok
14:04:03.0832 3276 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
14:04:03.0904 3276 gagp30kx - ok
14:04:04.0110 3276 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files\WildTangent Games\App\GamesAppService.exe
14:04:04.0189 3276 GamesAppService - ok
14:04:04.0545 3276 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
14:04:04.0692 3276 gpsvc - ok
14:04:04.0820 3276 GREGService (84e58fea8b1a7537696a20c59cb9b0c9) C:\Program Files\Acer\Registration\GREGsvc.exe
14:04:04.0853 3276 GREGService ( UnsignedFile.Multi.Generic ) - warning
14:04:04.0853 3276 GREGService - detected UnsignedFile.Multi.Generic (1)
14:04:04.0926 3276 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:04:05.0106 3276 hcw85cir - ok
14:04:05.0202 3276 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:04:05.0323 3276 HdAudAddService - ok
14:04:05.0421 3276 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:04:05.0492 3276 HDAudBus - ok
14:04:05.0533 3276 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
14:04:05.0610 3276 HidBatt - ok
14:04:05.0642 3276 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
14:04:05.0728 3276 HidBth - ok
14:04:05.0740 3276 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
14:04:05.0812 3276 HidIr - ok
14:04:05.0885 3276 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
14:04:05.0996 3276 hidserv - ok
14:04:06.0060 3276 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:04:06.0129 3276 HidUsb - ok
14:04:06.0284 3276 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
14:04:06.0415 3276 hkmsvc - ok
14:04:06.0470 3276 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
14:04:06.0659 3276 HomeGroupListener - ok
14:04:06.0722 3276 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
14:04:06.0850 3276 HomeGroupProvider - ok
14:04:06.0915 3276 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:04:06.0969 3276 HpSAMD - ok
14:04:07.0221 3276 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:04:07.0349 3276 HTTP - ok
14:04:07.0371 3276 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:04:07.0424 3276 hwpolicy - ok
14:04:07.0482 3276 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
14:04:07.0573 3276 i8042prt - ok
14:04:07.0676 3276 iaStor (f4037a3fedb92dd97c95f320766ea5c9) C:\Windows\system32\drivers\iaStor.sys
14:04:07.0763 3276 iaStor - ok
14:04:07.0964 3276 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:04:08.0019 3276 IAStorDataMgrSvc - ok
14:04:08.0122 3276 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:04:08.0200 3276 iaStorV - ok
14:04:08.0808 3276 IconMan_R (0dffba5ae3d2e1c076bd8e6f52c4fdfb) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:04:08.0935 3276 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
14:04:08.0936 3276 IconMan_R - detected UnsignedFile.Multi.Generic (1)
14:04:09.0306 3276 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:04:09.0416 3276 idsvc - ok
14:04:10.0371 3276 igfx (ba41e1bba410212ce6d30e0dac47972b) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:04:10.0690 3276 igfx - ok
14:04:11.0038 3276 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
14:04:11.0090 3276 iirsp - ok
14:04:11.0230 3276 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
14:04:11.0369 3276 IKEEXT - ok
14:04:11.0969 3276 IntcAzAudAddService (feaae1c549d14b9759b88c569f33cd4e) C:\Windows\system32\drivers\RTKVHDA.sys
14:04:12.0263 3276 IntcAzAudAddService - ok
14:04:12.0451 3276 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:04:12.0513 3276 intelide - ok
14:04:12.0677 3276 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:04:12.0788 3276 intelppm - ok
14:04:13.0043 3276 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
14:04:13.0191 3276 IPBusEnum - ok
14:04:13.0222 3276 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:04:13.0330 3276 IpFilterDriver - ok
14:04:13.0618 3276 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
14:04:13.0790 3276 iphlpsvc - ok
14:04:13.0881 3276 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:04:13.0963 3276 IPMIDRV - ok
14:04:13.0981 3276 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:04:14.0095 3276 IPNAT - ok
14:04:14.0164 3276 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:04:14.0265 3276 IRENUM - ok
14:04:14.0405 3276 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:04:14.0503 3276 isapnp - ok
14:04:14.0585 3276 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:04:14.0644 3276 iScsiPrt - ok
14:04:14.0757 3276 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
14:04:14.0872 3276 kbdclass - ok
14:04:14.0921 3276 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:04:14.0996 3276 kbdhid - ok
14:04:15.0049 3276 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:04:15.0115 3276 KeyIso - ok
14:04:15.0230 3276 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
14:04:15.0321 3276 KSecDD - ok
14:04:15.0612 3276 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
14:04:15.0719 3276 KSecPkg - ok
14:04:16.0277 3276 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
14:04:16.0452 3276 KtmRm - ok
14:04:16.0569 3276 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
14:04:16.0695 3276 LanmanServer - ok
14:04:16.0825 3276 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
14:04:16.0926 3276 LanmanWorkstation - ok
14:04:17.0490 3276 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:04:17.0557 3276 Live Updater Service - ok
14:04:17.0646 3276 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:04:17.0756 3276 lltdio - ok
14:04:17.0821 3276 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
14:04:17.0939 3276 lltdsvc - ok
14:04:17.0997 3276 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
14:04:18.0113 3276 lmhosts - ok
14:04:18.0161 3276 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
14:04:18.0217 3276 LSI_FC - ok
14:04:18.0277 3276 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
14:04:18.0336 3276 LSI_SAS - ok
14:04:18.0358 3276 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
14:04:18.0414 3276 LSI_SAS2 - ok
14:04:18.0443 3276 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
14:04:18.0499 3276 LSI_SCSI - ok
14:04:18.0554 3276 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:04:18.0664 3276 luafv - ok
14:04:18.0769 3276 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
14:04:18.0873 3276 MBAMProtector - ok
14:04:19.0076 3276 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:04:19.0173 3276 MBAMService - ok
14:04:19.0365 3276 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
14:04:19.0446 3276 MBAMSwissArmy - ok
14:04:19.0557 3276 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
14:04:19.0621 3276 megasas - ok
14:04:19.0772 3276 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
14:04:19.0833 3276 MegaSR - ok
14:04:20.0007 3276 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:04:20.0169 3276 MMCSS - ok
14:04:20.0179 3276 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:04:20.0286 3276 Modem - ok
14:04:20.0341 3276 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:04:20.0430 3276 monitor - ok
14:04:20.0459 3276 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:04:20.0512 3276 mouclass - ok
14:04:20.0523 3276 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:04:20.0604 3276 mouhid - ok
14:04:20.0647 3276 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:04:20.0699 3276 mountmgr - ok
14:04:20.0982 3276 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:04:21.0083 3276 mpio - ok
14:04:21.0119 3276 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:04:21.0228 3276 mpsdrv - ok
14:04:21.0360 3276 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
14:04:21.0510 3276 MpsSvc - ok
14:04:21.0670 3276 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:04:21.0755 3276 MRxDAV - ok
14:04:21.0804 3276 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:04:21.0912 3276 mrxsmb - ok
14:04:22.0043 3276 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:04:22.0234 3276 mrxsmb10 - ok
14:04:22.0701 3276 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:04:22.0829 3276 mrxsmb20 - ok
14:04:22.0911 3276 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:04:22.0969 3276 msahci - ok
14:04:23.0058 3276 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:04:23.0137 3276 msdsm - ok
14:04:23.0319 3276 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
14:04:23.0618 3276 MSDTC - ok
14:04:23.0766 3276 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:04:23.0915 3276 Msfs - ok
14:04:23.0936 3276 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:04:24.0027 3276 mshidkmdf - ok
14:04:24.0057 3276 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:04:24.0108 3276 msisadrv - ok
14:04:24.0291 3276 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
14:04:24.0484 3276 MSiSCSI - ok
14:04:24.0492 3276 msiserver - ok
14:04:24.0543 3276 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:04:24.0657 3276 MSKSSRV - ok
14:04:24.0687 3276 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:04:24.0810 3276 MSPCLOCK - ok
14:04:24.0821 3276 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:04:24.0937 3276 MSPQM - ok
14:04:25.0002 3276 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:04:25.0071 3276 MsRPC - ok
14:04:25.0091 3276 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:04:25.0148 3276 mssmbios - ok
14:04:25.0159 3276 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:04:25.0279 3276 MSTEE - ok
14:04:25.0289 3276 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
14:04:25.0365 3276 MTConfig - ok
14:04:25.0426 3276 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:04:25.0536 3276 Mup - ok
14:04:25.0560 3276 mwlPSDFilter (383379f94280e5cce2c563711fd17f43) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
14:04:25.0608 3276 mwlPSDFilter - ok
14:04:25.0617 3276 mwlPSDNServ (9ddf22cffacfe91fb60336276a2f2524) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
14:04:25.0668 3276 mwlPSDNServ - ok
14:04:25.0680 3276 mwlPSDVDisk (755b8cefec291f42cdc560a68cdde6ef) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
14:04:25.0729 3276 mwlPSDVDisk - ok
14:04:25.0857 3276 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
14:04:25.0995 3276 napagent - ok
14:04:26.0099 3276 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:04:26.0187 3276 NativeWifiP - ok
14:04:26.0571 3276 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:04:26.0690 3276 NDIS - ok
14:04:26.0759 3276 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:04:26.0885 3276 NdisCap - ok
14:04:26.0909 3276 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:04:27.0022 3276 NdisTapi - ok
14:04:27.0135 3276 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:04:27.0249 3276 Ndisuio - ok
14:04:27.0266 3276 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:04:27.0376 3276 NdisWan - ok
14:04:27.0390 3276 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:04:27.0513 3276 NDProxy - ok
14:04:27.0539 3276 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:04:27.0645 3276 NetBIOS - ok
14:04:27.0700 3276 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:04:27.0794 3276 NetBT - ok
14:04:27.0826 3276 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:04:27.0895 3276 Netlogon - ok
14:04:28.0030 3276 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
14:04:28.0160 3276 Netman - ok
14:04:28.0195 3276 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
14:04:28.0322 3276 netprofm - ok
14:04:28.0528 3276 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:28.0580 3276 NetTcpPortSharing - ok
14:04:29.0681 3276 NETwNs32 (5c531e96643a74ce8bd9ab16b6c7ead7) C:\Windows\system32\DRIVERS\NETwNs32.sys
14:04:30.0105 3276 NETwNs32 - ok
14:04:30.0523 3276 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
14:04:30.0581 3276 nfrd960 - ok
14:04:30.0671 3276 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
14:04:30.0789 3276 NlaSvc - ok
14:04:31.0291 3276 NOBU (a634584c506f2c82680039371aa1772c) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
14:04:31.0446 3276 NOBU - ok
14:04:31.0790 3276 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:04:31.0926 3276 Npfs - ok
14:04:32.0034 3276 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
14:04:32.0149 3276 nsi - ok
14:04:32.0161 3276 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:04:32.0267 3276 nsiproxy - ok
14:04:32.0640 3276 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:04:32.0763 3276 Ntfs - ok
14:04:32.0794 3276 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:04:32.0949 3276 Null - ok
14:04:33.0016 3276 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:04:33.0074 3276 nvraid - ok
14:04:33.0123 3276 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:04:33.0183 3276 nvstor - ok
14:04:33.0215 3276 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:04:33.0287 3276 nv_agp - ok
14:04:33.0303 3276 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:04:33.0376 3276 ohci1394 - ok
14:04:33.0562 3276 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:33.0632 3276 ose - ok
14:04:34.0352 3276 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:04:34.0651 3276 osppsvc - ok
14:04:34.0924 3276 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:04:35.0035 3276 p2pimsvc - ok
14:04:35.0250 3276 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
14:04:35.0351 3276 p2psvc - ok
14:04:35.0512 3276 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
14:04:35.0635 3276 Parport - ok
14:04:35.0686 3276 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
14:04:35.0750 3276 partmgr - ok
14:04:35.0780 3276 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
14:04:35.0848 3276 Parvdm - ok
14:04:35.0943 3276 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
14:04:36.0018 3276 PcaSvc - ok
14:04:36.0064 3276 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:04:36.0125 3276 pci - ok
14:04:36.0173 3276 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:04:36.0235 3276 pciide - ok
14:04:36.0281 3276 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
14:04:36.0346 3276 pcmcia - ok
14:04:36.0384 3276 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:04:36.0444 3276 pcw - ok
14:04:36.0568 3276 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:04:36.0735 3276 PEAUTH - ok
14:04:37.0203 3276 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
14:04:37.0410 3276 pla - ok
14:04:37.0765 3276 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
14:04:37.0875 3276 PlugPlay - ok
14:04:37.0914 3276 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
14:04:37.0999 3276 PNRPAutoReg - ok
14:04:38.0084 3276 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:04:38.0153 3276 PNRPsvc - ok
14:04:38.0259 3276 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
14:04:38.0389 3276 PolicyAgent - ok
14:04:38.0479 3276 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
14:04:38.0579 3276 Power - ok
14:04:38.0692 3276 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:04:38.0815 3276 PptpMiniport - ok
14:04:38.0856 3276 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
14:04:38.0936 3276 Processor - ok
14:04:38.0999 3276 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
14:04:39.0136 3276 ProfSvc - ok
14:04:39.0181 3276 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:04:39.0251 3276 ProtectedStorage - ok
14:04:39.0367 3276 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:04:39.0489 3276 Psched - ok
14:04:39.0720 3276 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
14:04:39.0851 3276 ql2300 - ok
14:04:40.0150 3276 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
14:04:40.0208 3276 ql40xx - ok
14:04:40.0313 3276 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
14:04:40.0408 3276 QWAVE - ok
14:04:40.0442 3276 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:04:40.0523 3276 QWAVEdrv - ok
14:04:40.0554 3276 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:04:40.0678 3276 RasAcd - ok
14:04:40.0737 3276 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:04:40.0845 3276 RasAgileVpn - ok
14:04:40.0922 3276 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
14:04:41.0070 3276 RasAuto - ok
14:04:41.0192 3276 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:04:41.0394 3276 Rasl2tp - ok
14:04:41.0534 3276 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
14:04:41.0694 3276 RasMan - ok
14:04:41.0744 3276 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:04:41.0851 3276 RasPppoe - ok
14:04:41.0888 3276 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:04:42.0001 3276 RasSstp - ok
14:04:42.0072 3276 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:04:42.0196 3276 rdbss - ok
14:04:42.0254 3276 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
14:04:42.0371 3276 rdpbus - ok
14:04:42.0424 3276 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:04:42.0541 3276 RDPCDD - ok
14:04:42.0579 3276 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:04:42.0697 3276 RDPENCDD - ok
14:04:42.0713 3276 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:04:42.0826 3276 RDPREFMP - ok
14:04:42.0924 3276 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
14:04:43.0873 3276 RDPWD - ok
14:04:43.0944 3276 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:04:44.0003 3276 rdyboost - ok
14:04:44.0068 3276 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
14:04:44.0184 3276 RemoteAccess - ok
14:04:44.0262 3276 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
14:04:44.0380 3276 RemoteRegistry - ok
14:04:44.0422 3276 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
14:04:44.0530 3276 RpcEptMapper - ok
14:04:44.0566 3276 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
14:04:44.0643 3276 RpcLocator - ok
14:04:44.0792 3276 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:04:44.0921 3276 RpcSs - ok
14:04:45.0053 3276 RSPCIESTOR (5aff9074165f855b790d3a576b6b453b) C:\Windows\system32\DRIVERS\RtsPStor.sys
14:04:45.0117 3276 RSPCIESTOR - ok
14:04:45.0195 3276 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:04:45.0315 3276 rspndr - ok
14:04:45.0531 3276 RS_Service (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files\Acer\Acer VCM\RS_Service.exe
14:04:45.0591 3276 RS_Service - ok
14:04:45.0684 3276 RTL8167 (f83feaf4c5a3a559a6cc98e112b62744) C:\Windows\system32\DRIVERS\Rt86win7.sys
14:04:45.0757 3276 RTL8167 - ok
14:04:45.0822 3276 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:04:45.0902 3276 SamSs - ok
14:04:46.0028 3276 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:04:46.0099 3276 sbp2port - ok
14:04:46.0180 3276 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
14:04:46.0310 3276 SCardSvr - ok
14:04:46.0415 3276 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:04:46.0579 3276 scfilter - ok
14:04:46.0760 3276 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
14:04:46.0912 3276 Schedule - ok
14:04:46.0970 3276 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:04:47.0080 3276 SCPolicySvc - ok
14:04:47.0136 3276 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
14:04:47.0267 3276 SDRSVC - ok
14:04:47.0319 3276 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:04:47.0452 3276 secdrv - ok
14:04:47.0493 3276 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
14:04:47.0625 3276 seclogon - ok
14:04:47.0652 3276 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
14:04:47.0769 3276 SENS - ok
14:04:47.0815 3276 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
14:04:47.0915 3276 Serenum - ok
14:04:47.0994 3276 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
14:04:48.0081 3276 Serial - ok
14:04:48.0104 3276 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
14:04:48.0166 3276 sermouse - ok
14:04:48.0499 3276 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
14:04:48.0672 3276 SessionEnv - ok
14:04:48.0716 3276 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:04:48.0792 3276 sffdisk - ok
14:04:48.0830 3276 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:04:48.0899 3276 sffp_mmc - ok
14:04:48.0912 3276 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:04:49.0002 3276 sffp_sd - ok
14:04:49.0014 3276 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
14:04:49.0098 3276 sfloppy - ok
14:04:49.0714 3276 Sftfs (74744f4d9eb18ddd0eb45e03cfdd648e) C:\Windows\system32\DRIVERS\Sftfslh.sys
14:04:49.0807 3276 Sftfs - ok
14:04:50.0138 3276 sftlist (baf282373e79d08ce9510ac8b5a1f41d) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
14:04:50.0232 3276 sftlist - ok
14:04:50.0330 3276 Sftplay (cbc5be6f81e86cc73656e61767002da9) C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:04:50.0399 3276 Sftplay - ok
14:04:50.0447 3276 Sftredir (961e50666e6d6949328b1ffbc33adf43) C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:04:50.0510 3276 Sftredir - ok
14:04:50.0610 3276 Sftvol (c8c02c8fe267751ec62b7e7d8d214c63) C:\Windows\system32\DRIVERS\Sftvollh.sys
14:04:50.0669 3276 Sftvol - ok
14:04:50.0775 3276 sftvsa (ee28aeb3889a9cca894626ecd1fb1c8b) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
14:04:50.0836 3276 sftvsa - ok
14:04:50.0992 3276 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
14:04:51.0129 3276 SharedAccess - ok
14:04:51.0278 3276 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
14:04:51.0451 3276 ShellHWDetection - ok
14:04:51.0500 3276 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:04:51.0560 3276 sisagp - ok
14:04:51.0581 3276 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
14:04:51.0648 3276 SiSRaid2 - ok
14:04:51.0673 3276 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
14:04:51.0737 3276 SiSRaid4 - ok
14:04:51.0788 3276 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:04:51.0991 3276 Smb - ok
14:04:52.0089 3276 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
14:04:52.0186 3276 SNMPTRAP - ok
14:04:52.0230 3276 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:04:52.0308 3276 spldr - ok
14:04:52.0368 3276 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
14:04:52.0502 3276 Spooler - ok
14:04:56.0338 3276 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
14:04:56.0616 3276 sppsvc - ok
14:04:57.0197 3276 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
14:04:57.0365 3276 sppuinotify - ok
14:04:57.0543 3276 sp_rsdrv2 (7b426b8e809edf081d771ef429345528) C:\Windows\system32\drivers\sp_rsdrv2.sys
14:04:57.0597 3276 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
14:04:57.0598 3276 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
14:04:57.0820 3276 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:04:57.0943 3276 srv - ok
14:04:57.0994 3276 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:04:58.0210 3276 srv2 - ok
14:04:58.0271 3276 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:04:58.0381 3276 srvnet - ok
14:04:58.0475 3276 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
14:04:58.0648 3276 SSDPSRV - ok
14:04:58.0675 3276 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
14:04:58.0797 3276 SstpSvc - ok
14:04:59.0223 3276 ST2012_Svc (b82ec9dc581ad46eac8ac5b7983807a2) C:\Program Files\Spyware Terminator\st_rsser.exe
14:04:59.0313 3276 ST2012_Svc - ok
14:04:59.0353 3276 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
14:04:59.0419 3276 stexstor - ok
14:04:59.0536 3276 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
14:04:59.0647 3276 StiSvc - ok
14:04:59.0730 3276 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:04:59.0785 3276 swenum - ok
14:04:59.0978 3276 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
14:05:00.0111 3276 swprv - ok
14:05:00.0630 3276 SynTP (31b6b2d25fcff1b71ae225000d656cd0) C:\Windows\system32\DRIVERS\SynTP.sys
14:05:00.0773 3276 SynTP - ok
14:05:01.0910 3276 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
14:05:02.0070 3276 SysMain - ok
14:05:02.0138 3276 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
14:05:02.0252 3276 TabletInputService - ok
14:05:02.0284 3276 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
14:05:02.0509 3276 TapiSrv - ok
14:05:02.0536 3276 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
14:05:02.0651 3276 TBS - ok
14:05:03.0370 3276 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
14:05:03.0623 3276 Tcpip - ok
14:05:03.0667 3276 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
14:05:03.0765 3276 TCPIP6 - ok
14:05:03.0817 3276 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:05:03.0949 3276 tcpipreg - ok
14:05:03.0982 3276 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:05:04.0189 3276 TDPIPE - ok
14:05:04.0243 3276 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
14:05:04.0320 3276 TDTCP - ok
14:05:04.0634 3276 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:05:04.0783 3276 tdx - ok
14:05:04.0897 3276 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:05:04.0974 3276 TermDD - ok
14:05:05.0164 3276 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
14:05:05.0308 3276 TermService - ok
14:05:05.0351 3276 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
14:05:05.0453 3276 Themes - ok
14:05:05.0546 3276 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:05:05.0672 3276 THREADORDER - ok
14:05:05.0855 3276 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
14:05:06.0028 3276 TrkWks - ok
14:05:06.0659 3276 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
14:05:06.0824 3276 TrustedInstaller - ok
14:05:06.0872 3276 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:05:06.0994 3276 tssecsrv - ok
14:05:07.0034 3276 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:05:07.0154 3276 TsUsbFlt - ok
14:05:07.0178 3276 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
14:05:07.0263 3276 TsUsbGD - ok
14:05:07.0391 3276 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:05:07.0536 3276 tunnel - ok
14:05:07.0583 3276 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
14:05:07.0653 3276 uagp35 - ok
14:05:07.0745 3276 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:05:07.0866 3276 udfs - ok
14:05:07.0978 3276 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
14:05:08.0069 3276 UI0Detect - ok
14:05:08.0136 3276 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:05:08.0195 3276 uliagpkx - ok
14:05:08.0363 3276 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:05:08.0469 3276 umbus - ok
14:05:08.0510 3276 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
14:05:08.0599 3276 UmPass - ok
14:05:08.0674 3276 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
14:05:08.0807 3276 upnphost - ok
14:05:08.0910 3276 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:05:09.0014 3276 usbccgp - ok
14:05:09.0259 3276 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:05:09.0403 3276 usbcir - ok
14:05:09.0519 3276 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
14:05:09.0610 3276 usbehci - ok
14:05:09.0889 3276 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\drivers\usbhub.sys
14:05:10.0038 3276 usbhub - ok
14:05:10.0081 3276 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:05:10.0162 3276 usbohci - ok
14:05:10.0205 3276 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:05:10.0281 3276 usbprint - ok
14:05:10.0296 3276 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:05:10.0433 3276 USBSTOR - ok
14:05:10.0657 3276 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
14:05:10.0758 3276 usbuhci - ok
14:05:11.0214 3276 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
14:05:11.0446 3276 usbvideo - ok
14:05:11.0668 3276 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
14:05:11.0796 3276 UxSms - ok
14:05:11.0899 3276 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:05:11.0969 3276 VaultSvc - ok
14:05:12.0181 3276 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:05:12.0254 3276 vdrvroot - ok
14:05:13.0788 3276 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
14:05:14.0007 3276 vds - ok
14:05:14.0135 3276 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:05:14.0215 3276 vga - ok
14:05:14.0273 3276 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:05:14.0398 3276 VgaSave - ok
14:05:14.0875 3276 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:05:14.0968 3276 vhdmp - ok
14:05:15.0029 3276 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:05:15.0082 3276 viaagp - ok
14:05:15.0321 3276 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
14:05:15.0461 3276 ViaC7 - ok
14:05:15.0597 3276 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:05:15.0670 3276 viaide - ok
14:05:15.0805 3276 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:05:15.0883 3276 volmgr - ok
14:05:15.0936 3276 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:05:16.0002 3276 volmgrx - ok
14:05:16.0081 3276 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:05:16.0161 3276 volsnap - ok
14:05:16.0572 3276 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
14:05:16.0662 3276 vsmraid - ok
14:05:17.0194 3276 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
14:05:17.0379 3276 VSS - ok
14:05:18.0910 3276 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
14:05:19.0037 3276 vToolbarUpdater11.1.0 - ok
14:05:20.0422 3276 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:05:20.0532 3276 vwifibus - ok
14:05:20.0779 3276 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:05:20.0941 3276 vwififlt - ok
14:05:21.0583 3276 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
14:05:21.0764 3276 W32Time - ok
14:05:21.0906 3276 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
14:05:21.0993 3276 WacomPen - ok
14:05:22.0324 3276 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:22.0513 3276 WANARP - ok
14:05:22.0522 3276 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:22.0623 3276 Wanarpv6 - ok
14:05:23.0998 3276 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
14:05:24.0246 3276 wbengine - ok
14:05:24.0393 3276 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
14:05:24.0604 3276 WbioSrvc - ok
14:05:24.0748 3276 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
14:05:24.0863 3276 wcncsvc - ok
14:05:24.0881 3276 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
14:05:25.0097 3276 WcsPlugInService - ok
14:05:25.0313 3276 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
14:05:25.0369 3276 Wd - ok
14:05:25.0524 3276 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:05:25.0599 3276 Wdf01000 - ok
14:05:25.0742 3276 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:05:25.0991 3276 WdiServiceHost - ok
14:05:26.0062 3276 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:05:26.0140 3276 WdiSystemHost - ok
14:05:26.0265 3276 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
14:05:26.0365 3276 WebClient - ok
14:05:26.0443 3276 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
14:05:26.0598 3276 Wecsvc - ok
14:05:26.0645 3276 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
14:05:26.0772 3276 wercplsupport - ok
14:05:26.0894 3276 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
14:05:27.0022 3276 WerSvc - ok
14:05:27.0232 3276 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:05:27.0343 3276 WfpLwf - ok
14:05:27.0370 3276 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:05:27.0426 3276 WIMMount - ok
14:05:27.0767 3276 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
14:05:27.0891 3276 WinDefend - ok
14:05:27.0984 3276 WinHttpAutoProxySvc - ok
14:05:28.0382 3276 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
14:05:28.0497 3276 Winmgmt - ok
14:05:28.0741 3276 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
14:05:28.0945 3276 WinRM - ok
14:05:30.0883 3276 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
14:05:31.0095 3276 Wlansvc - ok
14:05:31.0516 3276 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:05:31.0580 3276 wlcrasvc - ok
14:05:32.0188 3276 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:05:32.0332 3276 wlidsvc - ok
14:05:32.0729 3276 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:05:32.0904 3276 WmiAcpi - ok
14:05:33.0117 3276 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
14:05:33.0221 3276 wmiApSrv - ok
14:05:33.0858 3276 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:05:34.0034 3276 WMPNetworkSvc - ok
14:05:34.0142 3276 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
14:05:34.0237 3276 WPCSvc - ok
14:05:34.0280 3276 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
14:05:34.0531 3276 WPDBusEnum - ok
14:05:34.0787 3276 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:05:34.0933 3276 ws2ifsl - ok
14:05:35.0116 3276 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
14:05:35.0232 3276 wscsvc - ok
14:05:35.0244 3276 WSearch - ok
14:05:36.0010 3276 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
14:05:36.0288 3276 wuauserv - ok
14:05:36.0656 3276 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:05:36.0822 3276 WudfPf - ok
14:05:36.0863 3276 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:05:37.0008 3276 WUDFRd - ok
14:05:37.0273 3276 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
14:05:37.0426 3276 wudfsvc - ok
14:05:37.0640 3276 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
14:05:37.0759 3276 WwanSvc - ok
14:05:37.0824 3276 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:05:38.0625 3276 \Device\Harddisk0\DR0 - ok
14:05:38.0638 3276 Boot (0x1200) (42ccff0c72e2b5e5325a184d2c6eaf92) \Device\Harddisk0\DR0\Partition0
14:05:38.0640 3276 \Device\Harddisk0\DR0\Partition0 - ok
14:05:38.0655 3276 Boot (0x1200) (2a8243f31164d5c6acb5b7019d6ed89f) \Device\Harddisk0\DR0\Partition1
14:05:38.0660 3276 \Device\Harddisk0\DR0\Partition1 - ok
14:05:38.0702 3276 Boot (0x1200) (40464bb5fec3388be1674eb092dc50c5) \Device\Harddisk0\DR0\Partition2
14:05:38.0707 3276 \Device\Harddisk0\DR0\Partition2 - ok
14:05:38.0708 3276 ============================================================
14:05:38.0708 3276 Scan finished
14:05:38.0708 3276 ============================================================
14:05:38.0727 4856 Detected object count: 3
14:05:38.0727 4856 Actual detected object count: 3
14:11:52.0311 4856 GREGService ( UnsignedFile.Multi.Generic ) - skipped by user
14:11:52.0311 4856 GREGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:11:52.0313 4856 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
14:11:52.0313 4856 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:11:52.0314 4856 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
14:11:52.0314 4856 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

první test ještě není dokončen...vložím hned jak bude hotov...

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.28.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Datart :: DATART-PC [administrátor]

Ochrana: Povolena

28.6.2012 13:57:20
mbam-log-2012-06-28 (13-57-20).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 286802
Uplynulý čas: 1 hodin, 49 minut, 10 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Vypadá to čisté, jestli chcete, můžeme maximálně pročistit pár zbytečností. Inkriminovaný soubor klidně hoďte do výjimek, zjevně se jedná o planý poplach.

na druhém netbooku jsem Terminátora odinstaloval a je klid. asi je to nějaká špatná verze nebo jsou špatné aktualizace nebo nevím. mám terminátora ještě na dvou jiných počítačích a vše je ok. ze začátku to na novém netbooku ukazovalo 3 rootkity a potom už víc a když jich bylo už 8 tak jsem to raději odinstaloval.

Ono to nemusi byt jen kvuli tomu, ze by tam nejaka potvora opravdu byla. Stejne jako se malware maskuje pred antiviry, snazi se zase antiviry schovat pred malwarem, coz muze nejaka heuristika oznacit jako rootkit chovani.
Pro klid duse muzete jeste jednou udelat sken TDSSkilleru podle navodu vyse a dat sem log.