Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Malware - i.trkjmp.com

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Malware - i.trkjmp.com

#1 Příspěvek od medvídeček »

Zdravím,

dnes se mi začali v prohlížečích zobrazovat náhodně u slov odkazy s reklamou. Odkazují na i.trkjmp.com.

Nejdříve jsem provedla scan Kaspersky TDSSKiller- ten nic nenašel, tak jsem spustila Malwarebytes Anti-Malware, který našel 1 vetřelce. Dala jsem odstranit, ale bohužel to byl nějaký jiný, protože tento je tu pořád.

Můžete mi prosím poradit, jak se ho zbavit?

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kaja at 2013-01-26 21:16:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 174 GB (57%) free of 305 GB
Total RAM: 1977 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:11, on 26.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\BatteryCare\BatteryCare.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Gmail Notifier\Gmail Notifier.exe
C:\Program Files\Synaptics\Scrybe\scrybe.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kaja\Downloads\RSIT.exe
C:\Program Files\trend micro\Kaja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zapni.tv/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FoxyProxy - {5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - C:\ProgramData\fpie\FoxyProxyAdd-on.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Scm Group\Xilog Plus\msdxm.ocx
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Gmail Notifier.exe] C:\Program Files\Gmail Notifier\Gmail Notifier.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Scrybe.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: FoxyProxy - res://C:\ProgramData\fpie\FoxyProxyAdd-on.dll/IDR_HTML1
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: FoxyProxy - {5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - C:\ProgramData\fpie\FoxyProxyAdd-on.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9732 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default

prefs.js - "browser.startup.homepage" - "igoogle.com"
prefs.js - "keyword.URL" - "http://www.google.com/search? ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= "

"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.4


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
afurladvisor@anchorfree.com
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
AskSearch.js
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\extensions\
50feb1e078532@50feb1e07856b.com
cs@dictionaries.addons.mozilla.org
en-gb@flyingtophat.co.uk
foxyproxy@eric.h.jung
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D}]
FoxyProxy Internet Explorer Add-on - C:\ProgramData\fpie\FoxyProxyAdd-on.dll [2011-08-31 638976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll [2012-11-23 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\Program Files\Scm Group\Xilog Plus\msdxm.ocx [1999-05-05 810256]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll [2012-11-23 1796552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2221352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 167424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 144384]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-11-23 997320]
"ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-11-23 1020512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Google Update"=C:\Users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 116648]
"Gmail Notifier.exe"=C:\Program Files\Gmail Notifier\Gmail Notifier.exe [2011-04-07 2155008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
C:\Program Files\FileZilla Server\FileZilla Server Interface.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free PDF Print Dispatcher]
C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-01-10 844144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-10-02 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC WorkBreak.lnk]
C:\Users\Kaja\AppData\Local\Temp\Rar$EX42.824\PC WorkBreak.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shrink Pic.lnk]
C:\PROGRA~1\SHRINK~1\SHRINK~1.EXE [2009-05-04 2528256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Scrybe.lnk - C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-26 21:16:36 ----D---- C:\rsit
2013-01-26 21:16:36 ----D---- C:\Program Files\trend micro
2013-01-26 20:50:04 ----D---- C:\Users\Kaja\AppData\Roaming\Malwarebytes
2013-01-26 20:49:48 ----D---- C:\ProgramData\Malwarebytes
2013-01-26 20:49:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-01-26 20:49:47 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-01-26 20:36:29 ----A---- C:\TDSSKiller.2.8.15.0_26.01.2013_20.36.29_log.txt
2013-01-25 14:20:01 ----D---- C:\Users\Kaja\AppData\Roaming\tor
2013-01-22 16:40:30 ----D---- C:\ProgramData\CLSoft LTD
2013-01-22 16:39:40 ----D---- C:\ProgramData\SaveByclick
2013-01-22 16:37:35 ----D---- C:\Users\Kaja\AppData\Roaming\pdfforge
2013-01-22 16:37:29 ----A---- C:\Windows\system32\pdfcmon.dll
2013-01-22 16:37:26 ----D---- C:\Program Files\PDFCreator
2013-01-22 16:37:26 ----A---- C:\Windows\system32\MSMPIDE.DLL
2013-01-22 16:32:28 ----D---- C:\Users\Kaja\AppData\Roaming\Hotspot Shield
2013-01-22 16:18:39 ----D---- C:\ProgramData\Hotspot Shield
2013-01-20 12:38:34 ----SHD---- C:\Windows\system32\AI_RecycleBin
2013-01-18 21:06:25 ----D---- C:\Program Files\Mozilla Firefox
2013-01-13 14:13:31 ----D---- C:\Program Files\VisualSubSync
2013-01-11 14:11:50 ----A---- C:\Windows\system32\javaws.exe
2013-01-10 20:41:34 ----A---- C:\Windows\system32\drivers\taphss6.sys
2013-01-10 20:27:44 ----A---- C:\Windows\system32\drivers\hssdrv6.sys
2013-01-09 21:52:37 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 21:52:23 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 21:52:21 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 21:52:17 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 21:52:08 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 21:52:07 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 21:52:07 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 21:52:07 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 21:52:07 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 21:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 21:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 21:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 21:52:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 21:52:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 21:52:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 21:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 21:52:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 21:52:03 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 21:51:21 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 21:51:20 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 21:50:58 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 21:50:56 ----A---- C:\Windows\system32\taskhost.exe

======List of files/folders modified in the last 1 month======

2013-01-26 21:17:08 ----D---- C:\Windows\Temp
2013-01-26 21:16:36 ----RD---- C:\Program Files
2013-01-26 21:15:30 ----D---- C:\Windows\system32\config
2013-01-26 21:12:47 ----D---- C:\Users\Kaja\AppData\Roaming\Gmail Notifier
2013-01-26 21:11:25 ----D---- C:\Windows\system32\drivers
2013-01-26 21:09:01 ----D---- C:\Windows\SchCache
2013-01-26 21:00:16 ----HD---- C:\ProgramData
2013-01-26 20:01:26 ----D---- C:\ProgramData\MFAData
2013-01-25 21:57:54 ----D---- C:\Users\Kaja\AppData\Roaming\FileZilla
2013-01-25 21:19:23 ----D---- C:\Users\Kaja\AppData\Roaming\BatteryCare
2013-01-25 15:07:35 ----D---- C:\Windows\System32
2013-01-25 15:07:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-25 15:07:34 ----D---- C:\Windows\inf
2013-01-23 22:59:20 ----D---- C:\Windows\system32\catroot2
2013-01-23 14:29:54 ----D---- C:\Windows
2013-01-22 16:46:45 ----SHD---- C:\Windows\Installer
2013-01-22 16:46:31 ----SHD---- C:\Config.Msi
2013-01-22 16:45:12 ----SHD---- C:\System Volume Information
2013-01-22 16:44:35 ----D---- C:\ProgramData\InstallMate
2013-01-22 16:42:06 ----D---- C:\Windows\Tasks
2013-01-22 16:42:06 ----D---- C:\Windows\system32\Tasks
2013-01-22 16:20:41 ----SD---- C:\ProgramData\Microsoft
2013-01-22 16:19:35 ----D---- C:\Windows\system32\catroot
2013-01-22 16:19:34 ----D---- C:\Windows\system32\DriverStore
2013-01-22 14:17:55 ----D---- C:\Users\Kaja\AppData\Roaming\Audacity
2013-01-20 17:44:59 ----RSD---- C:\Windows\assembly
2013-01-20 17:44:59 ----D---- C:\Windows\Microsoft.NET
2013-01-20 13:32:50 ----D---- C:\Users\Kaja\AppData\Roaming\uTorrent
2013-01-20 13:32:47 ----D---- C:\Windows\debug
2013-01-20 13:28:58 ----D---- C:\Program Files\CCleaner
2013-01-20 10:31:53 ----D---- C:\Users\Kaja\AppData\Roaming\vlc
2013-01-20 10:25:42 ----D---- C:\Users\Kaja\AppData\Roaming\dvdcss
2013-01-19 12:40:22 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-11 14:14:41 ----D---- C:\Program Files\Java
2013-01-10 21:30:18 ----D---- C:\Users\Kaja\AppData\Roaming\MediaMonkey
2013-01-10 12:27:10 ----D---- C:\Windows\winsxs
2013-01-10 12:24:25 ----D---- C:\Windows\system32\cs-CZ
2013-01-10 11:04:38 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 10:20:14 ----A---- C:\Windows\system32\MRT.exe
2013-01-09 22:04:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-05 20:32:19 ----D---- C:\Program Files\LeeGT-Games
2012-12-31 16:22:00 ----D---- C:\ProgramData\Adobe
2012-12-31 14:01:58 ----D---- C:\Program Files\Common Files
2012-12-29 19:34:33 ----D---- C:\Windows\Prefetch
2012-12-29 15:05:36 ----D---- C:\Users\Kaja\AppData\Roaming\Skype
2012-12-28 16:40:18 ----SD---- C:\Users\Kaja\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\system32\DRIVERS\PxHelp20.sys [2004-06-03 20016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-04-07 473656]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-10-02 159712]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-09-21 164832]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-11-23 26984]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-07 242240]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-01-10 36040]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2012-07-24 2987520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-02 5946368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 21104]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-04-08 43736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1335472]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-01-10 37064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\BatteryCare\WinRing0.sys [2008-07-26 14416]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-02 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 18472]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-12-08 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-12-08 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-12-08 132424]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-18 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [2012-05-13 18432]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [2012-04-19 8177664]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-22 1343400]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-23 711112]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#2 Příspěvek od Rudy »

Také zdravím!
Poprosím o log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#3 Příspěvek od medvídeček »

ComboFix 13-01-26.02 - Kaja 26.01.2013 21:45:36.1.2 - x86
Spuštěný z: c:\users\Kaja\Downloads\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\setup.exe
c:\users\Kaja\AppData\Roaming\cacaoweb
c:\users\Kaja\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Kaja\AppData\Roaming\cacaoweb\storage.db
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-26 do 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 20:57 . 2013-01-26 20:57 -------- d-----w- c:\users\Kaja\AppData\Local\temp
2013-01-26 20:57 . 2013-01-26 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-26 20:16 . 2013-01-26 20:17 -------- d-----w- C:\rsit
2013-01-26 20:16 . 2013-01-26 20:17 -------- d-----w- c:\program files\trend micro
2013-01-26 19:50 . 2013-01-26 19:50 -------- d-----w- c:\users\Kaja\AppData\Roaming\Malwarebytes
2013-01-26 19:49 . 2013-01-26 19:49 -------- d-----w- c:\programdata\Malwarebytes
2013-01-26 19:49 . 2013-01-26 19:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-26 19:49 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 13:20 . 2013-01-25 13:23 -------- d-----w- c:\users\Kaja\AppData\Roaming\tor
2013-01-25 13:18 . 2013-01-25 13:23 -------- d-----w- c:\users\Kaja\AppData\Local\Vidalia
2013-01-22 15:40 . 2013-01-22 15:40 -------- d-----w- c:\programdata\CLSoft LTD
2013-01-22 15:39 . 2013-01-22 15:44 -------- d-----w- c:\programdata\SaveByclick
2013-01-22 15:37 . 2013-01-22 15:37 -------- d-----w- c:\users\Kaja\AppData\Roaming\pdfforge
2013-01-22 15:37 . 2013-01-11 10:39 88576 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-22 15:37 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-22 15:37 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-01-22 15:37 . 2013-01-22 15:40 -------- d-----w- c:\program files\PDFCreator
2013-01-22 15:37 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-01-22 15:32 . 2013-01-22 15:36 -------- d-----w- c:\users\Kaja\AppData\Roaming\Hotspot Shield
2013-01-22 15:18 . 2013-01-22 15:37 -------- d-----w- c:\programdata\Hotspot Shield
2013-01-20 11:38 . 2013-01-20 11:38 -------- d-----w- c:\users\Kaja\AppData\Local\CrashRpt
2013-01-20 11:38 . 2013-01-20 11:54 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-01-13 13:13 . 2013-01-13 13:13 -------- d-----w- c:\program files\VisualSubSync
2013-01-10 19:41 . 2013-01-10 19:41 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-10 19:27 . 2013-01-10 19:27 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-01-09 20:51 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 20:50 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 20:50 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 21:04 . 2012-04-02 07:45 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 21:04 . 2011-10-21 17:59 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13 . 2012-12-21 11:42 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 11:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-24 11:06 . 2012-12-18 19:35 441220 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\lib\jnidispatch32.dll
2012-11-24 11:06 . 2012-12-18 19:35 35840 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\frd.exe
2012-11-24 11:06 . 2012-12-18 19:35 200192 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\lib\jnidispatch64.dll
2012-11-24 11:06 . 2012-12-18 19:35 153600 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\tools\gocr\gocr.exe
2012-11-23 19:13 . 2012-11-23 19:14 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-11-15 22:33 . 2012-11-15 22:33 94048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-11-14 02:09 . 2012-12-12 20:07 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:07 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:07 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:07 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:07 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:07 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 18:39 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 18:00 . 2012-11-23 08:23 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87B4BA5C-19C3-499C-93C7-D7BA497ABF84}\mpengine.dll
2012-11-02 05:11 . 2012-12-12 18:39 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-01-18 20:06 . 2013-01-18 20:06 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D}]
2011-08-31 17:21 638976 ----a-w- c:\programdata\fpie\FoxyProxyAdd-on.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-23 19:13 1796552 ----a-w- c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll" [2012-11-23 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"Gmail Notifier.exe"="c:\program files\Gmail Notifier\Gmail Notifier.exe" [2011-04-07 2155008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-31 2221352]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-23 997320]
"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-11-23 1020512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scrybe.lnk - c:\windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-10-21 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC WorkBreak.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC WorkBreak.lnk
backup=c:\windows\pss\PC WorkBreak.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shrink Pic.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk
backup=c:\windows\pss\Shrink Pic.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-07-08 17:25 116648 ----atw- c:\users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-12-18 01:10 578560 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-01-10 09:02 844144 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-01-10 09:02 1475952 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-01-10 09:02 310128 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R4 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [x]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 ScrybeUpdater;Aktualizátor aplikace Scrybe;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\BatteryCare\WinRing0.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 21:04]
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001Core.job
- c:\users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 17:25]
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001UA.job
- c:\users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 17:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.zapni.tv/index.php
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: FoxyProxy - c:\programdata\fpie\FoxyProxyAdd-on.dll/IDR_HTML1
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - {5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - c:\programdata\fpie\FoxyProxyAdd-on.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - igoogle.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search? ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-10 14:23; en-gb@flyingtophat.co.uk; c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\extensions\en-gb@flyingtophat.co.uk
FF - ExtSQL: 2013-01-22 16:16; afurladvisor@anchorfree.com; c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF - ExtSQL: 2013-01-22 16:40; 50feb1e078532@50feb1e07856b.com; c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\extensions\50feb1e078532@50feb1e07856b.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-BlueStacks Agent - c:\program files\BlueStacks\HD-Agent.exe
MSConfigStartUp-FileZilla Server Interface - c:\program files\FileZilla Server\FileZilla Server Interface.exe
MSConfigStartUp-Free PDF Print Dispatcher - c:\program files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{8E718888-423F-11D2-876E-00A0C9082467}"=hex:51,66,7a,6c,4c,1d,38,12,e6,8b,62,
8a,0d,0c,bc,54,f8,78,43,e0,cc,56,60,73
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20,
35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6f,e1,96,48,40,26,cd,01
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ά~]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ά~\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¨‚|]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¨‚|\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÎŮ~]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÎŮ~\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*×>]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*×>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e;3f~*€ÎÓĽ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e;3f~*€ÎÓĽ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*HT$|]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*HT$|\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*óZÓD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*óZÓD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*YŠ§F]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*YŠ§F\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘ďt]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘ďt\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ąźž+]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ąźž+\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*„¬śQ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*„¬śQ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*űČşY]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*űČşY\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*čD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*čD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[čD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[čD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˇčD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˇčD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*6˙i;]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*6˙i;\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-26 22:01:01
ComboFix-quarantined-files.txt 2013-01-26 21:01
.
Před spuštěním: Volných bajtů: 189 639 290 880
Po spuštění: Volných bajtů: 189 318 520 832
.
- - End Of File - - 14DDA19AFCE423216A73BAEDAC63BED7
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#4 Příspěvek od Rudy »

Nyní stáhněte a rozbalte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Spusťte, nechte pracovat a po skončení akce dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#5 Příspěvek od medvídeček »

22:16:26.0518 1144 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:16:26.0708 1144 ============================================================
22:16:26.0708 1144 Current date / time: 2013/01/26 22:16:26.0708
22:16:26.0708 1144 SystemInfo:
22:16:26.0708 1144
22:16:26.0708 1144 OS Version: 6.1.7601 ServicePack: 1.0
22:16:26.0708 1144 Product type: Workstation
22:16:26.0708 1144 ComputerName: KAJA-PC
22:16:26.0708 1144 UserName: Kaja
22:16:26.0708 1144 Windows directory: C:\Windows
22:16:26.0708 1144 System windows directory: C:\Windows
22:16:26.0708 1144 Processor architecture: Intel x86
22:16:26.0708 1144 Number of processors: 2
22:16:26.0708 1144 Page size: 0x1000
22:16:26.0708 1144 Boot type: Normal boot
22:16:26.0708 1144 ============================================================
22:16:28.0158 1144 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:16:28.0158 1144 ============================================================
22:16:28.0158 1144 \Device\Harddisk0\DR0:
22:16:28.0158 1144 MBR partitions:
22:16:28.0158 1144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542EA71
22:16:28.0158 1144 ============================================================
22:16:28.0188 1144 C: <-> \Device\Harddisk0\DR0\Partition1
22:16:28.0188 1144 ============================================================
22:16:28.0188 1144 Initialize success
22:16:28.0188 1144 ============================================================
22:16:29.0438 0592 ============================================================
22:16:29.0438 0592 Scan started
22:16:29.0438 0592 Mode: Manual;
22:16:29.0438 0592 ============================================================
22:16:32.0128 0592 ================ Scan system memory ========================
22:16:32.0128 0592 System memory - ok
22:16:32.0128 0592 ================ Scan services =============================
22:16:32.0338 0592 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:16:32.0338 0592 1394ohci - ok
22:16:32.0368 0592 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:16:32.0446 0592 ACPI - ok
22:16:32.0483 0592 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:16:32.0488 0592 AcpiPmi - ok
22:16:32.0610 0592 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:16:32.0620 0592 AdobeARMservice - ok
22:16:32.0710 0592 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:16:32.0710 0592 AdobeFlashPlayerUpdateSvc - ok
22:16:32.0770 0592 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:16:32.0780 0592 adp94xx - ok
22:16:32.0810 0592 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:16:32.0810 0592 adpahci - ok
22:16:32.0840 0592 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:16:32.0840 0592 adpu320 - ok
22:16:32.0860 0592 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:16:32.0870 0592 AeLookupSvc - ok
22:16:32.0910 0592 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
22:16:32.0920 0592 AFD - ok
22:16:32.0950 0592 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
22:16:32.0960 0592 agp440 - ok
22:16:32.0990 0592 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:16:32.0990 0592 aic78xx - ok
22:16:33.0050 0592 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
22:16:33.0050 0592 ALG - ok
22:16:33.0080 0592 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
22:16:33.0080 0592 aliide - ok
22:16:33.0110 0592 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:16:33.0110 0592 amdagp - ok
22:16:33.0130 0592 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
22:16:33.0130 0592 amdide - ok
22:16:33.0160 0592 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:16:33.0200 0592 AmdK8 - ok
22:16:33.0250 0592 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:16:33.0270 0592 AmdPPM - ok
22:16:33.0460 0592 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:16:33.0470 0592 amdsata - ok
22:16:33.0490 0592 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:16:33.0490 0592 amdsbs - ok
22:16:33.0520 0592 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:16:33.0520 0592 amdxata - ok
22:16:33.0570 0592 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
22:16:33.0570 0592 androidusb - ok
22:16:33.0600 0592 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
22:16:33.0600 0592 AppID - ok
22:16:33.0630 0592 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:16:33.0630 0592 AppIDSvc - ok
22:16:33.0650 0592 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
22:16:33.0650 0592 Appinfo - ok
22:16:33.0700 0592 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
22:16:33.0700 0592 AppMgmt - ok
22:16:33.0740 0592 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
22:16:33.0740 0592 arc - ok
22:16:33.0750 0592 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:16:33.0760 0592 arcsas - ok
22:16:33.0780 0592 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:33.0780 0592 AsyncMac - ok
22:16:33.0800 0592 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
22:16:33.0800 0592 atapi - ok
22:16:33.0940 0592 [ 3CB1063F32FDE3C95AB31B46126C7AE2 ] athr C:\Windows\system32\DRIVERS\athr.sys
22:16:34.0020 0592 athr - ok
22:16:34.0090 0592 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:16:34.0100 0592 AudioEndpointBuilder - ok
22:16:34.0120 0592 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:16:34.0130 0592 Audiosrv - ok
22:16:34.0200 0592 [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
22:16:34.0200 0592 Avgfwfd - ok
22:16:34.0340 0592 [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws C:\Program Files\AVG\AVG2013\avgfws.exe
22:16:34.0370 0592 avgfws - ok
22:16:34.0520 0592 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
22:16:34.0660 0592 AVGIDSAgent - ok
22:16:34.0710 0592 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
22:16:34.0720 0592 AVGIDSDriver - ok
22:16:34.0760 0592 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
22:16:34.0770 0592 AVGIDSHX - ok
22:16:34.0800 0592 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
22:16:34.0800 0592 AVGIDSShim - ok
22:16:34.0850 0592 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
22:16:34.0850 0592 Avgldx86 - ok
22:16:34.0900 0592 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
22:16:34.0900 0592 Avglogx - ok
22:16:34.0950 0592 [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
22:16:34.0950 0592 Avgmfx86 - ok
22:16:35.0000 0592 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
22:16:35.0010 0592 Avgrkx86 - ok
22:16:35.0050 0592 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
22:16:35.0050 0592 Avgtdix - ok
22:16:35.0090 0592 [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
22:16:35.0090 0592 avgtp - ok
22:16:35.0120 0592 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
22:16:35.0130 0592 avgwd - ok
22:16:35.0160 0592 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:16:35.0160 0592 AxInstSV - ok
22:16:35.0210 0592 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
22:16:35.0210 0592 b06bdrv - ok
22:16:35.0240 0592 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:16:35.0240 0592 b57nd60x - ok
22:16:35.0290 0592 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
22:16:35.0290 0592 BDESVC - ok
22:16:35.0310 0592 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
22:16:35.0310 0592 Beep - ok
22:16:35.0350 0592 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
22:16:35.0360 0592 BFE - ok
22:16:35.0400 0592 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
22:16:35.0400 0592 BITS - ok
22:16:35.0420 0592 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:16:35.0420 0592 blbdrive - ok
22:16:35.0450 0592 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:16:35.0450 0592 bowser - ok
22:16:35.0490 0592 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:16:35.0490 0592 BrFiltLo - ok
22:16:35.0500 0592 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:16:35.0510 0592 BrFiltUp - ok
22:16:35.0560 0592 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:16:35.0560 0592 BridgeMP - ok
22:16:35.0610 0592 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
22:16:35.0610 0592 Browser - ok
22:16:35.0640 0592 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:16:35.0650 0592 Brserid - ok
22:16:35.0660 0592 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:35.0670 0592 BrSerWdm - ok
22:16:35.0690 0592 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:35.0690 0592 BrUsbMdm - ok
22:16:35.0700 0592 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:16:35.0700 0592 BrUsbSer - ok
22:16:35.0770 0592 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:16:35.0770 0592 BthEnum - ok
22:16:35.0780 0592 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:16:35.0790 0592 BTHMODEM - ok
22:16:35.0810 0592 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:16:35.0810 0592 BthPan - ok
22:16:35.0860 0592 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:16:35.0860 0592 BTHPORT - ok
22:16:35.0900 0592 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
22:16:35.0900 0592 bthserv - ok
22:16:35.0940 0592 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:16:35.0950 0592 BTHUSB - ok
22:16:35.0990 0592 [ 7E826BE3B3558208D5C9B00034E51BE5 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:16:35.0990 0592 btwaudio - ok
22:16:36.0020 0592 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:16:36.0030 0592 btwavdt - ok
22:16:36.0090 0592 [ 0E3EE2BC0EC56BFE869FCDE3E5806684 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:16:36.0100 0592 btwdins - ok
22:16:36.0120 0592 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:16:36.0120 0592 btwl2cap - ok
22:16:36.0160 0592 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:16:36.0170 0592 btwrchid - ok
22:16:36.0250 0592 catchme - ok
22:16:36.0300 0592 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:16:36.0300 0592 cdfs - ok
22:16:36.0340 0592 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:16:36.0340 0592 cdrom - ok
22:16:36.0380 0592 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
22:16:36.0390 0592 CertPropSvc - ok
22:16:36.0400 0592 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
22:16:36.0400 0592 circlass - ok
22:16:36.0430 0592 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
22:16:36.0440 0592 CLFS - ok
22:16:36.0490 0592 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:16:36.0520 0592 clr_optimization_v2.0.50727_32 - ok
22:16:36.0590 0592 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:16:36.0590 0592 clr_optimization_v4.0.30319_32 - ok
22:16:36.0610 0592 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:16:36.0610 0592 CmBatt - ok
22:16:36.0630 0592 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:16:36.0630 0592 cmdide - ok
22:16:36.0670 0592 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
22:16:36.0680 0592 CNG - ok
22:16:36.0720 0592 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:16:36.0720 0592 Compbatt - ok
22:16:36.0740 0592 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:16:36.0740 0592 CompositeBus - ok
22:16:36.0750 0592 COMSysApp - ok
22:16:36.0780 0592 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:16:36.0780 0592 crcdisk - ok
22:16:36.0830 0592 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:16:36.0840 0592 CryptSvc - ok
22:16:36.0880 0592 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
22:16:36.0890 0592 CSC - ok
22:16:36.0910 0592 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
22:16:36.0920 0592 CscService - ok
22:16:36.0970 0592 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
22:16:36.0970 0592 DcomLaunch - ok
22:16:37.0000 0592 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
22:16:37.0000 0592 defragsvc - ok
22:16:37.0030 0592 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:16:37.0030 0592 DfsC - ok
22:16:37.0070 0592 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:16:37.0080 0592 Dhcp - ok
22:16:37.0110 0592 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
22:16:37.0120 0592 discache - ok
22:16:37.0150 0592 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
22:16:37.0150 0592 Disk - ok
22:16:37.0190 0592 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:16:37.0190 0592 dmvsc - ok
22:16:37.0220 0592 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:16:37.0220 0592 Dnscache - ok
22:16:37.0240 0592 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
22:16:37.0250 0592 dot3svc - ok
22:16:37.0390 0592 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
22:16:37.0390 0592 DPS - ok
22:16:37.0430 0592 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:16:37.0440 0592 drmkaud - ok
22:16:37.0490 0592 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:16:37.0490 0592 dtsoftbus01 - ok
22:16:37.0540 0592 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:16:37.0560 0592 DXGKrnl - ok
22:16:37.0590 0592 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
22:16:37.0590 0592 EapHost - ok
22:16:37.0690 0592 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
22:16:37.0770 0592 ebdrv - ok
22:16:37.0810 0592 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
22:16:37.0810 0592 EFS - ok
22:16:37.0880 0592 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:16:37.0890 0592 ehRecvr - ok
22:16:37.0910 0592 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
22:16:37.0910 0592 ehSched - ok
22:16:37.0960 0592 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:16:37.0970 0592 elxstor - ok
22:16:37.0980 0592 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:16:37.0980 0592 ErrDev - ok
22:16:38.0040 0592 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
22:16:38.0040 0592 EventSystem - ok
22:16:38.0060 0592 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
22:16:38.0070 0592 exfat - ok
22:16:38.0090 0592 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:16:38.0090 0592 fastfat - ok
22:16:38.0150 0592 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
22:16:38.0160 0592 Fax - ok
22:16:38.0170 0592 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
22:16:38.0180 0592 fdc - ok
22:16:38.0210 0592 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
22:16:38.0210 0592 fdPHost - ok
22:16:38.0220 0592 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
22:16:38.0230 0592 FDResPub - ok
22:16:38.0270 0592 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:16:38.0270 0592 FileInfo - ok
22:16:38.0280 0592 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:16:38.0290 0592 Filetrace - ok
22:16:38.0300 0592 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:16:38.0300 0592 flpydisk - ok
22:16:38.0330 0592 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:16:38.0330 0592 FltMgr - ok
22:16:38.0390 0592 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
22:16:38.0400 0592 FontCache - ok
22:16:38.0470 0592 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:16:38.0530 0592 FontCache3.0.0.0 - ok
22:16:38.0590 0592 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:16:38.0600 0592 FsDepends - ok
22:16:38.0640 0592 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:16:38.0680 0592 Fs_Rec - ok
22:16:38.0740 0592 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:16:38.0740 0592 fvevol - ok
22:16:38.0760 0592 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:16:38.0760 0592 gagp30kx - ok
22:16:38.0800 0592 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
22:16:38.0810 0592 gpsvc - ok
22:16:38.0830 0592 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:16:38.0830 0592 hcw85cir - ok
22:16:38.0890 0592 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:16:38.0890 0592 HdAudAddService - ok
22:16:38.0920 0592 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:16:38.0920 0592 HDAudBus - ok
22:16:38.0940 0592 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:16:38.0940 0592 HidBatt - ok
22:16:38.0980 0592 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:16:38.0980 0592 HidBth - ok
22:16:39.0010 0592 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:16:39.0020 0592 HidIr - ok
22:16:39.0040 0592 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
22:16:39.0040 0592 hidserv - ok
22:16:39.0060 0592 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:16:39.0060 0592 HidUsb - ok
22:16:39.0080 0592 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:16:39.0080 0592 hkmsvc - ok
22:16:39.0100 0592 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:16:39.0100 0592 HomeGroupListener - ok
22:16:39.0130 0592 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:16:39.0140 0592 HomeGroupProvider - ok
22:16:39.0170 0592 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:16:39.0170 0592 HpSAMD - ok
22:16:39.0230 0592 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:16:39.0260 0592 HSF_DPV - ok
22:16:39.0300 0592 [ E1E8005C35F97A39C1672EDD24B03587 ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
22:16:39.0300 0592 HssDRV6 - ok
22:16:39.0320 0592 [ 31F949D452201F2F0AF0C88D7DB512CD ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:16:39.0320 0592 HSXHWAZL - ok
22:16:39.0360 0592 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:16:39.0370 0592 HTTP - ok
22:16:39.0380 0592 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:16:39.0380 0592 hwpolicy - ok
22:16:39.0400 0592 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:16:39.0410 0592 i8042prt - ok
22:16:39.0450 0592 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:16:39.0460 0592 iaStorV - ok
22:16:39.0530 0592 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:16:39.0550 0592 idsvc - ok
22:16:39.0750 0592 [ 36CC40B02AE593D6152AC8BD657720AF ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:16:39.0900 0592 igfx - ok
22:16:39.0940 0592 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:16:39.0940 0592 iirsp - ok
22:16:40.0110 0592 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
22:16:40.0130 0592 IKEEXT - ok
22:16:40.0280 0592 [ 345AC48D17F5C2F2AA1EE50D34C3978B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:16:40.0370 0592 IntcAzAudAddService - ok
22:16:40.0430 0592 [ 81486F0EB4238B65C317F97DE246C4AC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
22:16:40.0440 0592 IntcHdmiAddService - ok
22:16:40.0450 0592 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
22:16:40.0450 0592 intelide - ok
22:16:40.0490 0592 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:16:40.0500 0592 intelppm - ok
22:16:40.0530 0592 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:16:40.0530 0592 IPBusEnum - ok
22:16:40.0560 0592 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:40.0560 0592 IpFilterDriver - ok
22:16:40.0620 0592 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:16:40.0630 0592 iphlpsvc - ok
22:16:40.0670 0592 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:16:40.0680 0592 IPMIDRV - ok
22:16:40.0700 0592 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:16:40.0700 0592 IPNAT - ok
22:16:40.0730 0592 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:16:40.0730 0592 IRENUM - ok
22:16:40.0740 0592 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:16:40.0750 0592 isapnp - ok
22:16:40.0770 0592 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:16:40.0770 0592 iScsiPrt - ok
22:16:40.0810 0592 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:16:40.0810 0592 kbdclass - ok
22:16:40.0830 0592 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:16:40.0830 0592 kbdhid - ok
22:16:40.0860 0592 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
22:16:40.0860 0592 KeyIso - ok
22:16:40.0890 0592 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:16:40.0900 0592 KSecDD - ok
22:16:40.0930 0592 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:16:40.0930 0592 KSecPkg - ok
22:16:40.0980 0592 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
22:16:40.0980 0592 KtmRm - ok
22:16:41.0030 0592 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
22:16:41.0030 0592 LanmanServer - ok
22:16:41.0070 0592 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:16:41.0070 0592 LanmanWorkstation - ok
22:16:41.0130 0592 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:16:41.0140 0592 lltdio - ok
22:16:41.0170 0592 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:16:41.0180 0592 lltdsvc - ok
22:16:41.0200 0592 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
22:16:41.0210 0592 lmhosts - ok
22:16:41.0250 0592 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:16:41.0250 0592 LSI_FC - ok
22:16:41.0300 0592 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:16:41.0300 0592 LSI_SAS - ok
22:16:41.0320 0592 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:16:41.0320 0592 LSI_SAS2 - ok
22:16:41.0330 0592 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:16:41.0340 0592 LSI_SCSI - ok
22:16:41.0360 0592 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
22:16:41.0360 0592 luafv - ok
22:16:41.0410 0592 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:16:41.0410 0592 MBAMProtector - ok
22:16:41.0470 0592 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:16:41.0480 0592 MBAMScheduler - ok
22:16:41.0510 0592 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:16:41.0530 0592 MBAMService - ok
22:16:41.0550 0592 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:16:41.0560 0592 Mcx2Svc - ok
22:16:41.0600 0592 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:16:41.0600 0592 mdmxsdk - ok
22:16:41.0640 0592 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
22:16:41.0650 0592 megasas - ok
22:16:41.0730 0592 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:16:41.0740 0592 MegaSR - ok
22:16:41.0760 0592 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
22:16:41.0770 0592 MMCSS - ok
22:16:41.0780 0592 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
22:16:41.0780 0592 Modem - ok
22:16:41.0810 0592 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:16:41.0810 0592 monitor - ok
22:16:41.0840 0592 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:16:41.0840 0592 mouclass - ok
22:16:41.0860 0592 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:16:41.0860 0592 mouhid - ok
22:16:41.0880 0592 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:16:41.0890 0592 mountmgr - ok
22:16:41.0970 0592 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:16:41.0970 0592 MozillaMaintenance - ok
22:16:42.0008 0592 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
22:16:42.0013 0592 mpio - ok
22:16:42.0062 0592 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:16:42.0072 0592 mpsdrv - ok
22:16:42.0112 0592 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:16:42.0122 0592 MpsSvc - ok
22:16:42.0132 0592 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:16:42.0142 0592 MRxDAV - ok
22:16:42.0172 0592 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:42.0182 0592 mrxsmb - ok
22:16:42.0212 0592 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:42.0212 0592 mrxsmb10 - ok
22:16:42.0232 0592 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:42.0242 0592 mrxsmb20 - ok
22:16:42.0262 0592 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
22:16:42.0262 0592 msahci - ok
22:16:42.0292 0592 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:16:42.0292 0592 msdsm - ok
22:16:42.0312 0592 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
22:16:42.0322 0592 MSDTC - ok
22:16:42.0372 0592 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:16:42.0382 0592 Msfs - ok
22:16:42.0392 0592 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:16:42.0392 0592 mshidkmdf - ok
22:16:42.0412 0592 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:16:42.0412 0592 msisadrv - ok
22:16:42.0462 0592 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:16:42.0462 0592 MSiSCSI - ok
22:16:42.0472 0592 msiserver - ok
22:16:42.0502 0592 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:16:42.0502 0592 MSKSSRV - ok
22:16:42.0542 0592 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:42.0542 0592 MSPCLOCK - ok
22:16:42.0562 0592 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:16:42.0562 0592 MSPQM - ok
22:16:42.0582 0592 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:16:42.0592 0592 MsRPC - ok
22:16:42.0602 0592 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:16:42.0612 0592 mssmbios - ok
22:16:42.0622 0592 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:16:42.0632 0592 MSTEE - ok
22:16:42.0652 0592 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:16:42.0652 0592 MTConfig - ok
22:16:42.0662 0592 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
22:16:42.0672 0592 Mup - ok
22:16:42.0754 0592 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
22:16:42.0774 0592 napagent - ok
22:16:42.0824 0592 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:16:42.0834 0592 NativeWifiP - ok
22:16:42.0894 0592 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:16:42.0904 0592 NDIS - ok
22:16:42.0946 0592 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:16:42.0950 0592 NdisCap - ok
22:16:42.0986 0592 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:42.0996 0592 NdisTapi - ok
22:16:43.0026 0592 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:43.0026 0592 Ndisuio - ok
22:16:43.0054 0592 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:43.0061 0592 NdisWan - ok
22:16:43.0088 0592 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:16:43.0095 0592 NDProxy - ok
22:16:43.0131 0592 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:16:43.0135 0592 NetBIOS - ok
22:16:43.0164 0592 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:16:43.0170 0592 NetBT - ok
22:16:43.0206 0592 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:16:43.0212 0592 Netlogon - ok
22:16:43.0278 0592 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:16:43.0278 0592 Netman - ok
22:16:43.0329 0592 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:16:43.0338 0592 netprofm - ok
22:16:43.0383 0592 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:16:43.0388 0592 NetTcpPortSharing - ok
22:16:43.0442 0592 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:16:43.0452 0592 nfrd960 - ok
22:16:43.0504 0592 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:16:43.0514 0592 NlaSvc - ok
22:16:43.0544 0592 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:16:43.0544 0592 Npfs - ok
22:16:43.0578 0592 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:16:43.0582 0592 nsi - ok
22:16:43.0606 0592 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:16:43.0606 0592 nsiproxy - ok
22:16:43.0686 0592 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:16:43.0739 0592 Ntfs - ok
22:16:43.0784 0592 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:16:43.0787 0592 Null - ok
22:16:43.0818 0592 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:16:43.0828 0592 nvraid - ok
22:16:43.0882 0592 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:16:43.0888 0592 nvstor - ok
22:16:43.0910 0592 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:16:43.0920 0592 nv_agp - ok
22:16:44.0001 0592 [ D955D5DE998DB2476BF0892BE3A96C26 ] o2flash C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
22:16:44.0004 0592 o2flash - ok
22:16:44.0052 0592 [ 78575368974962042472F18B24D3CF28 ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys
22:16:44.0052 0592 O2MDRDR - ok
22:16:44.0092 0592 [ B6DBDA8C79DC4333AD9B0C15067B8247 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys
22:16:44.0092 0592 O2SDRDR - ok
22:16:44.0184 0592 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:16:44.0214 0592 odserv - ok
22:16:44.0296 0592 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:16:44.0306 0592 ohci1394 - ok
22:16:44.0356 0592 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:44.0356 0592 ose - ok
22:16:44.0396 0592 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:16:44.0406 0592 p2pimsvc - ok
22:16:44.0436 0592 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:16:44.0457 0592 p2psvc - ok
22:16:44.0508 0592 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
22:16:44.0508 0592 Parport - ok
22:16:44.0558 0592 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:16:44.0578 0592 partmgr - ok
22:16:44.0598 0592 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:16:44.0598 0592 Parvdm - ok
22:16:44.0628 0592 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:16:44.0628 0592 PcaSvc - ok
22:16:44.0648 0592 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:16:44.0658 0592 pci - ok
22:16:44.0668 0592 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:16:44.0668 0592 pciide - ok
22:16:44.0698 0592 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:16:44.0698 0592 pcmcia - ok
22:16:44.0718 0592 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:16:44.0718 0592 pcw - ok
22:16:44.0758 0592 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:16:44.0768 0592 PEAUTH - ok
22:16:44.0828 0592 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:16:44.0868 0592 PeerDistSvc - ok
22:16:44.0948 0592 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:16:44.0988 0592 pla - ok
22:16:45.0048 0592 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:16:45.0048 0592 PlugPlay - ok
22:16:45.0068 0592 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:16:45.0068 0592 PNRPAutoReg - ok
22:16:45.0098 0592 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:16:45.0098 0592 PNRPsvc - ok
22:16:45.0128 0592 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:16:45.0138 0592 PolicyAgent - ok
22:16:45.0168 0592 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:16:45.0178 0592 Power - ok
22:16:45.0208 0592 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:16:45.0208 0592 PptpMiniport - ok
22:16:45.0228 0592 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
22:16:45.0228 0592 Processor - ok
22:16:45.0278 0592 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:16:45.0278 0592 ProfSvc - ok
22:16:45.0298 0592 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:45.0308 0592 ProtectedStorage - ok
22:16:45.0338 0592 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:16:45.0338 0592 Psched - ok
22:16:45.0408 0592 [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20 C:\Windows\system32\DRIVERS\PxHelp20.sys
22:16:45.0448 0592 PxHelp20 - ok
22:16:45.0538 0592 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:16:45.0568 0592 ql2300 - ok
22:16:45.0588 0592 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:16:45.0588 0592 ql40xx - ok
22:16:45.0628 0592 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:16:45.0628 0592 QWAVE - ok
22:16:45.0648 0592 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:16:45.0648 0592 QWAVEdrv - ok
22:16:45.0678 0592 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:16:45.0688 0592 RasAcd - ok
22:16:45.0728 0592 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:45.0728 0592 RasAgileVpn - ok
22:16:45.0768 0592 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:16:45.0768 0592 RasAuto - ok
22:16:45.0788 0592 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:45.0788 0592 Rasl2tp - ok
22:16:45.0838 0592 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:16:45.0838 0592 RasMan - ok
22:16:45.0858 0592 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:45.0858 0592 RasPppoe - ok
22:16:45.0888 0592 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:16:45.0898 0592 RasSstp - ok
22:16:45.0918 0592 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:16:45.0928 0592 rdbss - ok
22:16:45.0938 0592 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:16:45.0938 0592 rdpbus - ok
22:16:45.0958 0592 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:45.0958 0592 RDPCDD - ok
22:16:45.0998 0592 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:16:45.0998 0592 RDPDR - ok
22:16:46.0028 0592 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:16:46.0038 0592 RDPENCDD - ok
22:16:46.0058 0592 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:16:46.0058 0592 RDPREFMP - ok
22:16:46.0128 0592 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:16:46.0128 0592 RdpVideoMiniport - ok
22:16:46.0178 0592 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:16:46.0188 0592 RDPWD - ok
22:16:46.0228 0592 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:16:46.0228 0592 rdyboost - ok
22:16:46.0248 0592 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:16:46.0258 0592 RemoteAccess - ok
22:16:46.0288 0592 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:16:46.0298 0592 RemoteRegistry - ok
22:16:46.0338 0592 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:16:46.0338 0592 RFCOMM - ok
22:16:46.0448 0592 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
22:16:46.0448 0592 RichVideo - ok
22:16:46.0488 0592 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:16:46.0498 0592 RpcEptMapper - ok
22:16:46.0518 0592 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:16:46.0518 0592 RpcLocator - ok
22:16:46.0548 0592 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:16:46.0548 0592 RpcSs - ok
22:16:46.0598 0592 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:16:46.0598 0592 rspndr - ok
22:16:46.0638 0592 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:16:46.0638 0592 s3cap - ok
22:16:46.0648 0592 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:16:46.0648 0592 SamSs - ok
22:16:46.0678 0592 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:16:46.0678 0592 sbp2port - ok
22:16:46.0708 0592 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:16:46.0718 0592 SCardSvr - ok
22:16:46.0728 0592 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:16:46.0728 0592 scfilter - ok
22:16:46.0768 0592 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:16:46.0778 0592 Schedule - ok
22:16:46.0798 0592 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:16:46.0798 0592 SCPolicySvc - ok
22:16:46.0868 0592 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
22:16:46.0908 0592 ScrybeUpdater - ok
22:16:46.0948 0592 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:16:46.0948 0592 sdbus - ok
22:16:46.0978 0592 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:16:46.0988 0592 SDRSVC - ok
22:16:47.0038 0592 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:16:47.0038 0592 secdrv - ok
22:16:47.0048 0592 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:16:47.0058 0592 seclogon - ok
22:16:47.0088 0592 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
22:16:47.0088 0592 SENS - ok
22:16:47.0118 0592 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:16:47.0128 0592 SensrSvc - ok
22:16:47.0158 0592 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:16:47.0158 0592 Serenum - ok
22:16:47.0188 0592 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
22:16:47.0188 0592 Serial - ok
22:16:47.0198 0592 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:16:47.0198 0592 sermouse - ok
22:16:47.0248 0592 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:16:47.0248 0592 SessionEnv - ok
22:16:47.0258 0592 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:16:47.0268 0592 sffdisk - ok
22:16:47.0288 0592 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:16:47.0288 0592 sffp_mmc - ok
22:16:47.0308 0592 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:16:47.0308 0592 sffp_sd - ok
22:16:47.0328 0592 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:16:47.0328 0592 sfloppy - ok
22:16:47.0368 0592 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:16:47.0378 0592 SharedAccess - ok
22:16:47.0408 0592 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:47.0408 0592 ShellHWDetection - ok
22:16:47.0438 0592 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:16:47.0438 0592 sisagp - ok
22:16:47.0478 0592 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:16:47.0478 0592 SiSRaid2 - ok
22:16:47.0498 0592 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:16:47.0498 0592 SiSRaid4 - ok
22:16:47.0598 0592 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:16:47.0598 0592 SkypeUpdate - ok
22:16:47.0628 0592 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:16:47.0628 0592 Smb - ok
22:16:47.0658 0592 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:16:47.0668 0592 SNMPTRAP - ok
22:16:47.0678 0592 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:16:47.0688 0592 spldr - ok
22:16:47.0728 0592 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:16:47.0738 0592 Spooler - ok
22:16:47.0828 0592 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:16:47.0908 0592 sppsvc - ok
22:16:47.0928 0592 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:16:47.0938 0592 sppuinotify - ok
22:16:48.0028 0592 [ AB5C8F6E63674DBAD9C1E449E8FD77CE ] sptd C:\Windows\System32\Drivers\sptd.sys
22:16:48.0038 0592 sptd - ok
22:16:48.0078 0592 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:16:48.0088 0592 srv - ok
22:16:48.0108 0592 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:16:48.0118 0592 srv2 - ok
22:16:48.0168 0592 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:16:48.0178 0592 SrvHsfHDA - ok
22:16:48.0228 0592 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:16:48.0258 0592 SrvHsfV92 - ok
22:16:48.0298 0592 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:16:48.0308 0592 SrvHsfWinac - ok
22:16:48.0358 0592 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:16:48.0358 0592 srvnet - ok
22:16:48.0398 0592 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
22:16:48.0408 0592 ssadbus - ok
22:16:48.0438 0592 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:16:48.0438 0592 ssadmdfl - ok
22:16:48.0468 0592 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
22:16:48.0478 0592 ssadmdm - ok
22:16:48.0488 0592 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
22:16:48.0498 0592 ssadserd - ok
22:16:48.0558 0592 [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
22:16:48.0568 0592 sscdbus - ok
22:16:48.0598 0592 [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:16:48.0598 0592 sscdmdfl - ok
22:16:48.0638 0592 [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
22:16:48.0638 0592 sscdmdm - ok
22:16:48.0678 0592 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:16:48.0688 0592 SSDPSRV - ok
22:16:48.0708 0592 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:16:48.0708 0592 SstpSvc - ok
22:16:48.0738 0592 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:16:48.0748 0592 stexstor - ok
22:16:48.0778 0592 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:16:48.0788 0592 StiSvc - ok
22:16:48.0818 0592 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:16:48.0818 0592 storflt - ok
22:16:48.0858 0592 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
22:16:48.0858 0592 StorSvc - ok
22:16:48.0888 0592 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:16:48.0888 0592 storvsc - ok
22:16:48.0918 0592 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:16:48.0918 0592 swenum - ok
22:16:48.0958 0592 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:16:48.0968 0592 swprv - ok
22:16:49.0058 0592 [ 2185CC5BE9922562108CF87F42E4BBAF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:16:49.0088 0592 SynTP - ok
22:16:49.0128 0592 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:16:49.0158 0592 SysMain - ok
22:16:49.0178 0592 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:49.0188 0592 TabletInputService - ok
22:16:49.0238 0592 [ 3A710AB5FD0F7F32CC3F65067FB27B12 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
22:16:49.0238 0592 taphss6 - ok
22:16:49.0278 0592 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:16:49.0278 0592 TapiSrv - ok
22:16:49.0298 0592 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:16:49.0298 0592 TBS - ok
22:16:49.0358 0592 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:16:49.0388 0592 Tcpip - ok
22:16:49.0418 0592 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:16:49.0438 0592 TCPIP6 - ok
22:16:49.0478 0592 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:16:49.0478 0592 tcpipreg - ok
22:16:49.0518 0592 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:16:49.0518 0592 TDPIPE - ok
22:16:49.0548 0592 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:16:49.0558 0592 TDTCP - ok
22:16:49.0578 0592 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:16:49.0578 0592 tdx - ok
22:16:49.0588 0592 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:16:49.0598 0592 TermDD - ok
22:16:49.0638 0592 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:16:49.0648 0592 TermService - ok
22:16:49.0668 0592 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:16:49.0668 0592 Themes - ok
22:16:49.0688 0592 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:16:49.0688 0592 THREADORDER - ok
22:16:49.0708 0592 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:16:49.0718 0592 TrkWks - ok
22:16:49.0778 0592 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:49.0788 0592 TrustedInstaller - ok
22:16:49.0808 0592 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:49.0808 0592 tssecsrv - ok
22:16:49.0838 0592 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:16:49.0848 0592 TsUsbFlt - ok
22:16:49.0878 0592 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:16:49.0878 0592 TsUsbGD - ok
22:16:49.0928 0592 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:16:49.0928 0592 tunnel - ok
22:16:49.0948 0592 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:16:49.0948 0592 uagp35 - ok
22:16:49.0978 0592 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:16:49.0988 0592 udfs - ok
22:16:50.0038 0592 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:16:50.0038 0592 UI0Detect - ok
22:16:50.0058 0592 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:16:50.0068 0592 uliagpkx - ok
22:16:50.0088 0592 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:16:50.0088 0592 umbus - ok
22:16:50.0118 0592 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
22:16:50.0118 0592 UmPass - ok
22:16:50.0168 0592 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
22:16:50.0168 0592 UmRdpService - ok
22:16:50.0198 0592 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:16:50.0198 0592 upnphost - ok
22:16:50.0238 0592 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:50.0248 0592 usbccgp - ok
22:16:50.0278 0592 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:16:50.0288 0592 usbcir - ok
22:16:50.0328 0592 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:16:50.0328 0592 usbehci - ok
22:16:50.0358 0592 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:16:50.0358 0592 usbhub - ok
22:16:50.0378 0592 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:16:50.0388 0592 usbohci - ok
22:16:50.0428 0592 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:16:50.0428 0592 usbprint - ok
22:16:50.0468 0592 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:50.0468 0592 USBSTOR - ok
22:16:50.0488 0592 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:16:50.0488 0592 usbuhci - ok
22:16:50.0538 0592 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:16:50.0538 0592 usbvideo - ok
22:16:50.0568 0592 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:16:50.0568 0592 UxSms - ok
22:16:50.0578 0592 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:16:50.0578 0592 VaultSvc - ok
22:16:50.0628 0592 [ 226CD9E42BE28A84EC56430FBB57224F ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:16:50.0628 0592 VBoxNetAdp - ok
22:16:50.0638 0592 VBoxNetFlt - ok
22:16:50.0678 0592 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:16:50.0688 0592 vdrvroot - ok
22:16:50.0718 0592 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:16:50.0728 0592 vds - ok
22:16:50.0758 0592 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:50.0758 0592 vga - ok
22:16:50.0778 0592 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:16:50.0778 0592 VgaSave - ok
22:16:50.0788 0592 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:16:50.0798 0592 vhdmp - ok
22:16:50.0838 0592 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:16:50.0838 0592 viaagp - ok
22:16:50.0848 0592 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:16:50.0858 0592 ViaC7 - ok
22:16:50.0878 0592 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:16:50.0878 0592 viaide - ok
22:16:50.0908 0592 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:16:50.0918 0592 vmbus - ok
22:16:50.0938 0592 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:16:50.0938 0592 VMBusHID - ok
22:16:50.0968 0592 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:16:50.0968 0592 volmgr - ok
22:16:50.0998 0592 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:16:50.0998 0592 volmgrx - ok
22:16:51.0018 0592 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:16:51.0028 0592 volsnap - ok
22:16:51.0058 0592 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:16:51.0058 0592 vsmraid - ok
22:16:51.0118 0592 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:16:51.0148 0592 VSS - ok
22:16:51.0238 0592 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
22:16:51.0258 0592 vToolbarUpdater13.2.0 - ok
22:16:51.0288 0592 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:16:51.0298 0592 vwifibus - ok
22:16:51.0328 0592 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:16:51.0338 0592 vwififlt - ok
22:16:51.0378 0592 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:16:51.0378 0592 vwifimp - ok
22:16:51.0408 0592 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
22:16:51.0408 0592 W32Time - ok
22:16:51.0438 0592 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:16:51.0438 0592 WacomPen - ok
22:16:51.0578 0592 [ 5D81DFEDC21830764B02F12415AFAE2B ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
22:16:51.0588 0592 wampapache - ok
22:16:51.0668 0592 wampmysqld - ok
22:16:51.0698 0592 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:16:51.0698 0592 WANARP - ok
22:16:51.0708 0592 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:16:51.0708 0592 Wanarpv6 - ok
22:16:51.0798 0592 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:16:51.0828 0592 WatAdminSvc - ok
22:16:51.0898 0592 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
22:16:51.0928 0592 wbengine - ok
22:16:51.0958 0592 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:16:51.0968 0592 WbioSrvc - ok
22:16:51.0998 0592 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:16:52.0008 0592 wcncsvc - ok
22:16:52.0018 0592 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:52.0028 0592 WcsPlugInService - ok
22:16:52.0058 0592 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
22:16:52.0068 0592 Wd - ok
22:16:52.0118 0592 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:16:52.0118 0592 Wdf01000 - ok
22:16:52.0148 0592 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:16:52.0148 0592 WdiServiceHost - ok
22:16:52.0158 0592 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:16:52.0158 0592 WdiSystemHost - ok
22:16:52.0188 0592 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
22:16:52.0198 0592 WebClient - ok
22:16:52.0218 0592 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:16:52.0228 0592 Wecsvc - ok
22:16:52.0238 0592 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:16:52.0248 0592 wercplsupport - ok
22:16:52.0278 0592 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
22:16:52.0278 0592 WerSvc - ok
22:16:52.0298 0592 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:52.0308 0592 WfpLwf - ok
22:16:52.0328 0592 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:16:52.0328 0592 WIMMount - ok
22:16:52.0388 0592 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:16:52.0398 0592 winachsf - ok
22:16:52.0488 0592 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:16:52.0498 0592 WinDefend - ok
22:16:52.0508 0592 WinHttpAutoProxySvc - ok
22:16:52.0568 0592 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:16:52.0578 0592 Winmgmt - ok
22:16:52.0668 0592 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\BatteryCare\WinRing0.sys
22:16:52.0668 0592 WinRing0_1_2_0 - ok
22:16:52.0728 0592 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
22:16:52.0758 0592 WinRM - ok
22:16:52.0838 0592 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:52.0838 0592 WinUsb - ok
22:16:52.0878 0592 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:16:52.0918 0592 Wlansvc - ok
22:16:53.0018 0592 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:16:53.0068 0592 wlidsvc - ok
22:16:53.0088 0592 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:16:53.0088 0592 WmiAcpi - ok
22:16:53.0128 0592 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:16:53.0128 0592 wmiApSrv - ok
22:16:53.0228 0592 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:16:53.0268 0592 WMPNetworkSvc - ok
22:16:53.0298 0592 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:16:53.0298 0592 WPCSvc - ok
22:16:53.0328 0592 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:16:53.0328 0592 WPDBusEnum - ok
22:16:53.0368 0592 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:16:53.0368 0592 ws2ifsl - ok
22:16:53.0388 0592 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
22:16:53.0388 0592 wscsvc - ok
22:16:53.0398 0592 WSearch - ok
22:16:53.0490 0592 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:16:53.0550 0592 wuauserv - ok
22:16:53.0590 0592 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:16:53.0590 0592 WudfPf - ok
22:16:53.0630 0592 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:53.0630 0592 WUDFRd - ok
22:16:53.0670 0592 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:16:53.0670 0592 wudfsvc - ok
22:16:53.0710 0592 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:16:53.0720 0592 WwanSvc - ok
22:16:53.0750 0592 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:16:53.0750 0592 XAudio - ok
22:16:53.0780 0592 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:16:53.0780 0592 XAudioService - ok
22:16:53.0840 0592 ================ Scan global ===============================
22:16:53.0860 0592 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:16:53.0900 0592 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:16:53.0920 0592 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:16:53.0940 0592 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:16:53.0990 0592 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:16:53.0990 0592 [Global] - ok
22:16:53.0990 0592 ================ Scan MBR ==================================
22:16:54.0010 0592 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:16:54.0210 0592 \Device\Harddisk0\DR0 - ok
22:16:54.0210 0592 ================ Scan VBR ==================================
22:16:54.0210 0592 [ 1FDDF349744370F49FC417E15F670D0B ] \Device\Harddisk0\DR0\Partition1
22:16:54.0220 0592 \Device\Harddisk0\DR0\Partition1 - ok
22:16:54.0220 0592 ============================================================
22:16:54.0220 0592 Scan finished
22:16:54.0220 0592 ============================================================
22:16:54.0250 5656 Detected object count: 0
22:16:54.0250 5656 Actual detected object count: 0
22:17:56.0710 3928 ============================================================
22:17:56.0710 3928 Scan started
22:17:56.0710 3928 Mode: Manual;
22:17:56.0710 3928 ============================================================
22:17:58.0290 3928 ================ Scan system memory ========================
22:17:58.0290 3928 System memory - ok
22:17:58.0290 3928 ================ Scan services =============================
22:17:58.0572 3928 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:17:58.0572 3928 1394ohci - ok
22:17:58.0602 3928 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:17:58.0602 3928 ACPI - ok
22:17:58.0622 3928 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:17:58.0622 3928 AcpiPmi - ok
22:17:58.0722 3928 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:17:58.0722 3928 AdobeARMservice - ok
22:17:58.0792 3928 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:17:58.0802 3928 AdobeFlashPlayerUpdateSvc - ok
22:17:58.0832 3928 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:17:58.0842 3928 adp94xx - ok
22:17:58.0872 3928 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:17:58.0872 3928 adpahci - ok
22:17:58.0912 3928 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:17:58.0912 3928 adpu320 - ok
22:17:58.0942 3928 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:17:58.0942 3928 AeLookupSvc - ok
22:17:58.0992 3928 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
22:17:58.0992 3928 AFD - ok
22:17:59.0022 3928 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
22:17:59.0022 3928 agp440 - ok
22:17:59.0042 3928 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:17:59.0042 3928 aic78xx - ok
22:17:59.0062 3928 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
22:17:59.0062 3928 ALG - ok
22:17:59.0082 3928 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
22:17:59.0082 3928 aliide - ok
22:17:59.0112 3928 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:17:59.0112 3928 amdagp - ok
22:17:59.0122 3928 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
22:17:59.0122 3928 amdide - ok
22:17:59.0177 3928 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:17:59.0178 3928 AmdK8 - ok
22:17:59.0201 3928 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:17:59.0202 3928 AmdPPM - ok
22:17:59.0234 3928 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:17:59.0234 3928 amdsata - ok
22:17:59.0254 3928 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:17:59.0254 3928 amdsbs - ok
22:17:59.0274 3928 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:17:59.0274 3928 amdxata - ok
22:17:59.0364 3928 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
22:17:59.0374 3928 androidusb - ok
22:17:59.0434 3928 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
22:17:59.0434 3928 AppID - ok
22:17:59.0524 3928 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:17:59.0524 3928 AppIDSvc - ok
22:17:59.0574 3928 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
22:17:59.0574 3928 Appinfo - ok
22:17:59.0644 3928 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
22:17:59.0644 3928 AppMgmt - ok
22:17:59.0684 3928 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
22:17:59.0684 3928 arc - ok
22:17:59.0704 3928 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:17:59.0704 3928 arcsas - ok
22:17:59.0734 3928 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:17:59.0734 3928 AsyncMac - ok
22:17:59.0744 3928 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
22:17:59.0744 3928 atapi - ok
22:17:59.0944 3928 [ 3CB1063F32FDE3C95AB31B46126C7AE2 ] athr C:\Windows\system32\DRIVERS\athr.sys
22:17:59.0974 3928 athr - ok
22:18:00.0046 3928 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:18:00.0046 3928 AudioEndpointBuilder - ok
22:18:00.0076 3928 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:18:00.0086 3928 Audiosrv - ok
22:18:00.0126 3928 [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
22:18:00.0136 3928 Avgfwfd - ok
22:18:00.0246 3928 [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws C:\Program Files\AVG\AVG2013\avgfws.exe
22:18:00.0256 3928 avgfws - ok
22:18:00.0408 3928 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
22:18:00.0458 3928 AVGIDSAgent - ok
22:18:00.0511 3928 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
22:18:00.0514 3928 AVGIDSDriver - ok
22:18:00.0550 3928 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
22:18:00.0550 3928 AVGIDSHX - ok
22:18:00.0590 3928 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
22:18:00.0590 3928 AVGIDSShim - ok
22:18:00.0630 3928 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
22:18:00.0640 3928 Avgldx86 - ok
22:18:00.0680 3928 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
22:18:00.0680 3928 Avglogx - ok
22:18:00.0730 3928 [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
22:18:00.0730 3928 Avgmfx86 - ok
22:18:00.0770 3928 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
22:18:00.0770 3928 Avgrkx86 - ok
22:18:00.0810 3928 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
22:18:00.0820 3928 Avgtdix - ok
22:18:00.0850 3928 [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
22:18:00.0850 3928 avgtp - ok
22:18:00.0900 3928 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
22:18:00.0900 3928 avgwd - ok
22:18:00.0940 3928 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:18:00.0940 3928 AxInstSV - ok
22:18:00.0980 3928 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
22:18:00.0990 3928 b06bdrv - ok
22:18:01.0020 3928 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:18:01.0020 3928 b57nd60x - ok
22:18:01.0052 3928 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
22:18:01.0062 3928 BDESVC - ok
22:18:01.0072 3928 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
22:18:01.0072 3928 Beep - ok
22:18:01.0102 3928 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
22:18:01.0112 3928 BFE - ok
22:18:01.0154 3928 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
22:18:01.0164 3928 BITS - ok
22:18:01.0184 3928 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:18:01.0184 3928 blbdrive - ok
22:18:01.0238 3928 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:18:01.0240 3928 bowser - ok
22:18:01.0276 3928 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:18:01.0276 3928 BrFiltLo - ok
22:18:01.0296 3928 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:18:01.0296 3928 BrFiltUp - ok
22:18:01.0326 3928 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:18:01.0326 3928 BridgeMP - ok
22:18:01.0376 3928 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
22:18:01.0376 3928 Browser - ok
22:18:01.0406 3928 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:18:01.0406 3928 Brserid - ok
22:18:01.0426 3928 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:18:01.0436 3928 BrSerWdm - ok
22:18:01.0456 3928 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#6 Příspěvek od medvídeček »

22:18:01.0456 3928 BrUsbMdm - ok
22:18:01.0476 3928 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:18:01.0476 3928 BrUsbSer - ok
22:18:01.0514 3928 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:18:01.0515 3928 BthEnum - ok
22:18:01.0542 3928 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:18:01.0544 3928 BTHMODEM - ok
22:18:01.0568 3928 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:18:01.0568 3928 BthPan - ok
22:18:01.0608 3928 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:18:01.0618 3928 BTHPORT - ok
22:18:01.0648 3928 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
22:18:01.0658 3928 bthserv - ok
22:18:01.0698 3928 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:18:01.0698 3928 BTHUSB - ok
22:18:01.0738 3928 [ 7E826BE3B3558208D5C9B00034E51BE5 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:18:01.0738 3928 btwaudio - ok
22:18:01.0758 3928 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:18:01.0758 3928 btwavdt - ok
22:18:01.0828 3928 [ 0E3EE2BC0EC56BFE869FCDE3E5806684 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:18:01.0838 3928 btwdins - ok
22:18:01.0858 3928 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:18:01.0858 3928 btwl2cap - ok
22:18:01.0898 3928 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:18:01.0898 3928 btwrchid - ok
22:18:01.0978 3928 catchme - ok
22:18:01.0998 3928 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:18:01.0998 3928 cdfs - ok
22:18:02.0038 3928 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:18:02.0038 3928 cdrom - ok
22:18:02.0078 3928 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
22:18:02.0088 3928 CertPropSvc - ok
22:18:02.0098 3928 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
22:18:02.0098 3928 circlass - ok
22:18:02.0128 3928 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
22:18:02.0128 3928 CLFS - ok
22:18:02.0188 3928 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:18:02.0188 3928 clr_optimization_v2.0.50727_32 - ok
22:18:02.0228 3928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:18:02.0238 3928 clr_optimization_v4.0.30319_32 - ok
22:18:02.0248 3928 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:18:02.0248 3928 CmBatt - ok
22:18:02.0288 3928 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:18:02.0288 3928 cmdide - ok
22:18:02.0328 3928 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
22:18:02.0328 3928 CNG - ok
22:18:02.0348 3928 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:18:02.0348 3928 Compbatt - ok
22:18:02.0358 3928 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:18:02.0368 3928 CompositeBus - ok
22:18:02.0368 3928 COMSysApp - ok
22:18:02.0406 3928 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:18:02.0407 3928 crcdisk - ok
22:18:02.0440 3928 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:18:02.0450 3928 CryptSvc - ok
22:18:02.0490 3928 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
22:18:02.0500 3928 CSC - ok
22:18:02.0520 3928 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
22:18:02.0530 3928 CscService - ok
22:18:02.0580 3928 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
22:18:02.0586 3928 DcomLaunch - ok
22:18:02.0611 3928 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
22:18:02.0612 3928 defragsvc - ok
22:18:02.0632 3928 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:18:02.0632 3928 DfsC - ok
22:18:02.0662 3928 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:18:02.0662 3928 Dhcp - ok
22:18:02.0702 3928 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
22:18:02.0702 3928 discache - ok
22:18:02.0712 3928 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
22:18:02.0722 3928 Disk - ok
22:18:02.0767 3928 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:18:02.0769 3928 dmvsc - ok
22:18:02.0794 3928 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:18:02.0794 3928 Dnscache - ok
22:18:02.0834 3928 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
22:18:02.0834 3928 dot3svc - ok
22:18:02.0864 3928 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
22:18:02.0864 3928 DPS - ok
22:18:02.0896 3928 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:18:02.0906 3928 drmkaud - ok
22:18:02.0956 3928 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:18:02.0956 3928 dtsoftbus01 - ok
22:18:03.0016 3928 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:18:03.0026 3928 DXGKrnl - ok
22:18:03.0061 3928 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
22:18:03.0065 3928 EapHost - ok
22:18:03.0158 3928 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
22:18:03.0178 3928 ebdrv - ok
22:18:03.0220 3928 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
22:18:03.0220 3928 EFS - ok
22:18:03.0300 3928 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:18:03.0310 3928 ehRecvr - ok
22:18:03.0320 3928 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
22:18:03.0320 3928 ehSched - ok
22:18:03.0360 3928 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:18:03.0370 3928 elxstor - ok
22:18:03.0380 3928 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:18:03.0380 3928 ErrDev - ok
22:18:03.0420 3928 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
22:18:03.0430 3928 EventSystem - ok
22:18:03.0450 3928 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
22:18:03.0450 3928 exfat - ok
22:18:03.0480 3928 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:18:03.0480 3928 fastfat - ok
22:18:03.0530 3928 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
22:18:03.0530 3928 Fax - ok
22:18:03.0550 3928 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
22:18:03.0550 3928 fdc - ok
22:18:03.0590 3928 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
22:18:03.0590 3928 fdPHost - ok
22:18:03.0600 3928 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
22:18:03.0600 3928 FDResPub - ok
22:18:03.0640 3928 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:18:03.0640 3928 FileInfo - ok
22:18:03.0660 3928 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:18:03.0660 3928 Filetrace - ok
22:18:03.0690 3928 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:18:03.0690 3928 flpydisk - ok
22:18:03.0700 3928 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:18:03.0710 3928 FltMgr - ok
22:18:03.0760 3928 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
22:18:03.0770 3928 FontCache - ok
22:18:03.0820 3928 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:18:03.0830 3928 FontCache3.0.0.0 - ok
22:18:03.0840 3928 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:18:03.0850 3928 FsDepends - ok
22:18:03.0880 3928 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:18:03.0880 3928 Fs_Rec - ok
22:18:03.0920 3928 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:18:03.0920 3928 fvevol - ok
22:18:03.0940 3928 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:18:03.0940 3928 gagp30kx - ok
22:18:03.0980 3928 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
22:18:03.0990 3928 gpsvc - ok
22:18:04.0030 3928 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:18:04.0030 3928 hcw85cir - ok
22:18:04.0080 3928 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:18:04.0080 3928 HdAudAddService - ok
22:18:04.0110 3928 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:18:04.0110 3928 HDAudBus - ok
22:18:04.0130 3928 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:18:04.0130 3928 HidBatt - ok
22:18:04.0150 3928 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:18:04.0160 3928 HidBth - ok
22:18:04.0180 3928 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:18:04.0180 3928 HidIr - ok
22:18:04.0220 3928 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
22:18:04.0220 3928 hidserv - ok
22:18:04.0306 3928 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:18:04.0308 3928 HidUsb - ok
22:18:04.0325 3928 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:18:04.0329 3928 hkmsvc - ok
22:18:04.0357 3928 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:18:04.0362 3928 HomeGroupListener - ok
22:18:04.0390 3928 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:18:04.0390 3928 HomeGroupProvider - ok
22:18:04.0410 3928 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:18:04.0420 3928 HpSAMD - ok
22:18:04.0480 3928 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:18:04.0510 3928 HSF_DPV - ok
22:18:04.0540 3928 [ E1E8005C35F97A39C1672EDD24B03587 ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
22:18:04.0540 3928 HssDRV6 - ok
22:18:04.0570 3928 [ 31F949D452201F2F0AF0C88D7DB512CD ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:18:04.0580 3928 HSXHWAZL - ok
22:18:04.0610 3928 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:18:04.0620 3928 HTTP - ok
22:18:04.0630 3928 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:18:04.0640 3928 hwpolicy - ok
22:18:04.0660 3928 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:18:04.0660 3928 i8042prt - ok
22:18:04.0710 3928 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:18:04.0710 3928 iaStorV - ok
22:18:04.0790 3928 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:18:04.0810 3928 idsvc - ok
22:18:05.0000 3928 [ 36CC40B02AE593D6152AC8BD657720AF ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:18:05.0160 3928 igfx - ok
22:18:05.0180 3928 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:18:05.0180 3928 iirsp - ok
22:18:05.0242 3928 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
22:18:05.0252 3928 IKEEXT - ok
22:18:05.0372 3928 [ 345AC48D17F5C2F2AA1EE50D34C3978B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:18:05.0462 3928 IntcAzAudAddService - ok
22:18:05.0502 3928 [ 81486F0EB4238B65C317F97DE246C4AC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
22:18:05.0502 3928 IntcHdmiAddService - ok
22:18:05.0512 3928 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
22:18:05.0522 3928 intelide - ok
22:18:05.0552 3928 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:18:05.0552 3928 intelppm - ok
22:18:05.0582 3928 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:18:05.0582 3928 IPBusEnum - ok
22:18:05.0612 3928 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:18:05.0612 3928 IpFilterDriver - ok
22:18:05.0652 3928 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:18:05.0662 3928 iphlpsvc - ok
22:18:05.0682 3928 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:18:05.0682 3928 IPMIDRV - ok
22:18:05.0711 3928 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:18:05.0714 3928 IPNAT - ok
22:18:05.0724 3928 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:18:05.0734 3928 IRENUM - ok
22:18:05.0744 3928 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:18:05.0744 3928 isapnp - ok
22:18:05.0764 3928 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:18:05.0774 3928 iScsiPrt - ok
22:18:05.0794 3928 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:18:05.0794 3928 kbdclass - ok
22:18:05.0814 3928 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:18:05.0814 3928 kbdhid - ok
22:18:05.0834 3928 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
22:18:05.0834 3928 KeyIso - ok
22:18:05.0874 3928 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:18:05.0874 3928 KSecDD - ok
22:18:05.0904 3928 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:18:05.0904 3928 KSecPkg - ok
22:18:05.0954 3928 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
22:18:05.0954 3928 KtmRm - ok
22:18:05.0994 3928 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
22:18:06.0004 3928 LanmanServer - ok
22:18:06.0034 3928 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:18:06.0034 3928 LanmanWorkstation - ok
22:18:06.0074 3928 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:18:06.0084 3928 lltdio - ok
22:18:06.0114 3928 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:18:06.0114 3928 lltdsvc - ok
22:18:06.0134 3928 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
22:18:06.0134 3928 lmhosts - ok
22:18:06.0154 3928 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:18:06.0164 3928 LSI_FC - ok
22:18:06.0184 3928 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:18:06.0184 3928 LSI_SAS - ok
22:18:06.0204 3928 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:18:06.0214 3928 LSI_SAS2 - ok
22:18:06.0224 3928 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:18:06.0224 3928 LSI_SCSI - ok
22:18:06.0244 3928 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
22:18:06.0244 3928 luafv - ok
22:18:06.0274 3928 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:18:06.0284 3928 MBAMProtector - ok
22:18:06.0334 3928 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:18:06.0344 3928 MBAMScheduler - ok
22:18:06.0374 3928 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:18:06.0394 3928 MBAMService - ok
22:18:06.0424 3928 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:18:06.0434 3928 Mcx2Svc - ok
22:18:06.0464 3928 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:18:06.0464 3928 mdmxsdk - ok
22:18:06.0494 3928 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
22:18:06.0504 3928 megasas - ok
22:18:06.0514 3928 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:18:06.0524 3928 MegaSR - ok
22:18:06.0554 3928 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
22:18:06.0554 3928 MMCSS - ok
22:18:06.0564 3928 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
22:18:06.0564 3928 Modem - ok
22:18:06.0584 3928 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:18:06.0594 3928 monitor - ok
22:18:06.0606 3928 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:18:06.0608 3928 mouclass - ok
22:18:06.0626 3928 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:18:06.0626 3928 mouhid - ok
22:18:06.0636 3928 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:18:06.0636 3928 mountmgr - ok
22:18:06.0676 3928 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:18:06.0676 3928 MozillaMaintenance - ok
22:18:06.0686 3928 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
22:18:06.0696 3928 mpio - ok
22:18:06.0716 3928 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:18:06.0726 3928 mpsdrv - ok
22:18:06.0766 3928 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:18:06.0766 3928 MpsSvc - ok
22:18:06.0786 3928 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:18:06.0786 3928 MRxDAV - ok
22:18:06.0816 3928 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:18:06.0816 3928 mrxsmb - ok
22:18:06.0836 3928 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:18:06.0846 3928 mrxsmb10 - ok
22:18:06.0866 3928 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:18:06.0866 3928 mrxsmb20 - ok
22:18:06.0896 3928 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
22:18:06.0896 3928 msahci - ok
22:18:06.0926 3928 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:18:06.0926 3928 msdsm - ok
22:18:06.0946 3928 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
22:18:06.0946 3928 MSDTC - ok
22:18:06.0976 3928 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:18:06.0976 3928 Msfs - ok
22:18:06.0986 3928 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:18:06.0996 3928 mshidkmdf - ok
22:18:07.0006 3928 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:18:07.0006 3928 msisadrv - ok
22:18:07.0026 3928 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:18:07.0026 3928 MSiSCSI - ok
22:18:07.0036 3928 msiserver - ok
22:18:07.0056 3928 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:18:07.0056 3928 MSKSSRV - ok
22:18:07.0086 3928 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:18:07.0086 3928 MSPCLOCK - ok
22:18:07.0106 3928 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:18:07.0106 3928 MSPQM - ok
22:18:07.0126 3928 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:18:07.0126 3928 MsRPC - ok
22:18:07.0146 3928 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:18:07.0156 3928 mssmbios - ok
22:18:07.0166 3928 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:18:07.0176 3928 MSTEE - ok
22:18:07.0196 3928 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:18:07.0196 3928 MTConfig - ok
22:18:07.0206 3928 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
22:18:07.0216 3928 Mup - ok
22:18:07.0246 3928 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
22:18:07.0246 3928 napagent - ok
22:18:07.0266 3928 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:18:07.0276 3928 NativeWifiP - ok
22:18:07.0316 3928 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:18:07.0326 3928 NDIS - ok
22:18:07.0336 3928 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:18:07.0346 3928 NdisCap - ok
22:18:07.0356 3928 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:18:07.0366 3928 NdisTapi - ok
22:18:07.0376 3928 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:18:07.0376 3928 Ndisuio - ok
22:18:07.0406 3928 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:18:07.0406 3928 NdisWan - ok
22:18:07.0426 3928 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:18:07.0426 3928 NDProxy - ok
22:18:07.0446 3928 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:18:07.0446 3928 NetBIOS - ok
22:18:07.0466 3928 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:18:07.0476 3928 NetBT - ok
22:18:07.0486 3928 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:18:07.0496 3928 Netlogon - ok
22:18:07.0526 3928 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:18:07.0536 3928 Netman - ok
22:18:07.0556 3928 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:18:07.0566 3928 netprofm - ok
22:18:07.0586 3928 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:18:07.0596 3928 NetTcpPortSharing - ok
22:18:07.0616 3928 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:18:07.0616 3928 nfrd960 - ok
22:18:07.0656 3928 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:18:07.0666 3928 NlaSvc - ok
22:18:07.0686 3928 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:18:07.0686 3928 Npfs - ok
22:18:07.0716 3928 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:18:07.0716 3928 nsi - ok
22:18:07.0736 3928 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:18:07.0736 3928 nsiproxy - ok
22:18:07.0806 3928 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:18:07.0816 3928 Ntfs - ok
22:18:07.0856 3928 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:18:07.0856 3928 Null - ok
22:18:07.0876 3928 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:18:07.0876 3928 nvraid - ok
22:18:07.0916 3928 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:18:07.0926 3928 nvstor - ok
22:18:07.0946 3928 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:18:07.0946 3928 nv_agp - ok
22:18:07.0986 3928 [ D955D5DE998DB2476BF0892BE3A96C26 ] o2flash C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
22:18:07.0986 3928 o2flash - ok
22:18:08.0006 3928 [ 78575368974962042472F18B24D3CF28 ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys
22:18:08.0006 3928 O2MDRDR - ok
22:18:08.0036 3928 [ B6DBDA8C79DC4333AD9B0C15067B8247 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys
22:18:08.0036 3928 O2SDRDR - ok
22:18:08.0106 3928 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:18:08.0116 3928 odserv - ok
22:18:08.0146 3928 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:18:08.0146 3928 ohci1394 - ok
22:18:08.0176 3928 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:18:08.0176 3928 ose - ok
22:18:08.0216 3928 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:18:08.0226 3928 p2pimsvc - ok
22:18:08.0246 3928 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:18:08.0256 3928 p2psvc - ok
22:18:08.0276 3928 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
22:18:08.0286 3928 Parport - ok
22:18:08.0316 3928 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:18:08.0316 3928 partmgr - ok
22:18:08.0336 3928 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:18:08.0336 3928 Parvdm - ok
22:18:08.0366 3928 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:18:08.0376 3928 PcaSvc - ok
22:18:08.0396 3928 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:18:08.0396 3928 pci - ok
22:18:08.0436 3928 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:18:08.0436 3928 pciide - ok
22:18:08.0466 3928 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:18:08.0466 3928 pcmcia - ok
22:18:08.0476 3928 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:18:08.0476 3928 pcw - ok
22:18:08.0516 3928 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:18:08.0526 3928 PEAUTH - ok
22:18:08.0586 3928 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:18:08.0596 3928 PeerDistSvc - ok
22:18:08.0688 3928 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:18:08.0708 3928 pla - ok
22:18:08.0738 3928 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:18:08.0748 3928 PlugPlay - ok
22:18:08.0758 3928 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:18:08.0768 3928 PNRPAutoReg - ok
22:18:08.0798 3928 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:18:08.0798 3928 PNRPsvc - ok
22:18:08.0828 3928 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:18:08.0838 3928 PolicyAgent - ok
22:18:08.0858 3928 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:18:08.0858 3928 Power - ok
22:18:08.0898 3928 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:18:08.0898 3928 PptpMiniport - ok
22:18:08.0908 3928 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
22:18:08.0918 3928 Processor - ok
22:18:08.0948 3928 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:18:08.0958 3928 ProfSvc - ok
22:18:08.0978 3928 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:18:08.0978 3928 ProtectedStorage - ok
22:18:08.0998 3928 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:18:09.0008 3928 Psched - ok
22:18:09.0038 3928 [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20 C:\Windows\system32\DRIVERS\PxHelp20.sys
22:18:09.0038 3928 PxHelp20 - ok
22:18:09.0098 3928 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:18:09.0148 3928 ql2300 - ok
22:18:09.0168 3928 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:18:09.0178 3928 ql40xx - ok
22:18:09.0218 3928 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:18:09.0218 3928 QWAVE - ok
22:18:09.0238 3928 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:18:09.0238 3928 QWAVEdrv - ok
22:18:09.0268 3928 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:18:09.0268 3928 RasAcd - ok
22:18:09.0308 3928 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:18:09.0308 3928 RasAgileVpn - ok
22:18:09.0338 3928 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:18:09.0348 3928 RasAuto - ok
22:18:09.0368 3928 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:18:09.0368 3928 Rasl2tp - ok
22:18:09.0388 3928 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:18:09.0398 3928 RasMan - ok
22:18:09.0408 3928 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:18:09.0408 3928 RasPppoe - ok
22:18:09.0448 3928 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:18:09.0448 3928 RasSstp - ok
22:18:09.0478 3928 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:18:09.0478 3928 rdbss - ok
22:18:09.0508 3928 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:18:09.0508 3928 rdpbus - ok
22:18:09.0528 3928 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:18:09.0528 3928 RDPCDD - ok
22:18:09.0578 3928 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:18:09.0578 3928 RDPDR - ok
22:18:09.0588 3928 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:18:09.0588 3928 RDPENCDD - ok
22:18:09.0608 3928 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:18:09.0608 3928 RDPREFMP - ok
22:18:09.0668 3928 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:18:09.0668 3928 RdpVideoMiniport - ok
22:18:09.0728 3928 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:18:09.0728 3928 RDPWD - ok
22:18:09.0768 3928 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:18:09.0768 3928 rdyboost - ok
22:18:09.0798 3928 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:18:09.0798 3928 RemoteAccess - ok
22:18:09.0838 3928 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:18:09.0838 3928 RemoteRegistry - ok
22:18:09.0878 3928 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:18:09.0878 3928 RFCOMM - ok
22:18:09.0968 3928 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
22:18:09.0968 3928 RichVideo - ok
22:18:09.0988 3928 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:18:09.0988 3928 RpcEptMapper - ok
22:18:10.0018 3928 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:18:10.0018 3928 RpcLocator - ok
22:18:10.0038 3928 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:18:10.0048 3928 RpcSs - ok
22:18:10.0078 3928 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:18:10.0078 3928 rspndr - ok
22:18:10.0108 3928 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:18:10.0108 3928 s3cap - ok
22:18:10.0238 3928 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:18:10.0238 3928 SamSs - ok
22:18:10.0288 3928 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:18:10.0318 3928 sbp2port - ok
22:18:10.0378 3928 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:18:10.0378 3928 SCardSvr - ok
22:18:10.0428 3928 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:18:10.0428 3928 scfilter - ok
22:18:10.0458 3928 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:18:10.0468 3928 Schedule - ok
22:18:10.0478 3928 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:18:10.0488 3928 SCPolicySvc - ok
22:18:10.0558 3928 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
22:18:10.0578 3928 ScrybeUpdater - ok
22:18:10.0608 3928 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:18:10.0608 3928 sdbus - ok
22:18:10.0648 3928 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:18:10.0648 3928 SDRSVC - ok
22:18:10.0698 3928 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:18:10.0698 3928 secdrv - ok
22:18:10.0718 3928 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:18:10.0718 3928 seclogon - ok
22:18:10.0738 3928 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
22:18:10.0748 3928 SENS - ok
22:18:10.0778 3928 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:18:10.0778 3928 SensrSvc - ok
22:18:10.0798 3928 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:18:10.0808 3928 Serenum - ok
22:18:10.0828 3928 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
22:18:10.0828 3928 Serial - ok
22:18:10.0838 3928 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:18:10.0838 3928 sermouse - ok
22:18:10.0878 3928 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:18:10.0878 3928 SessionEnv - ok
22:18:10.0898 3928 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:18:10.0898 3928 sffdisk - ok
22:18:10.0918 3928 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:18:10.0918 3928 sffp_mmc - ok
22:18:10.0938 3928 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:18:10.0938 3928 sffp_sd - ok
22:18:10.0958 3928 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:18:10.0968 3928 sfloppy - ok
22:18:10.0998 3928 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:18:11.0008 3928 SharedAccess - ok
22:18:11.0048 3928 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:18:11.0058 3928 ShellHWDetection - ok
22:18:11.0078 3928 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:18:11.0078 3928 sisagp - ok
22:18:11.0108 3928 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:18:11.0108 3928 SiSRaid2 - ok
22:18:11.0128 3928 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:18:11.0138 3928 SiSRaid4 - ok
22:18:11.0188 3928 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:18:11.0198 3928 SkypeUpdate - ok
22:18:11.0208 3928 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:18:11.0208 3928 Smb - ok
22:18:11.0258 3928 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:18:11.0268 3928 SNMPTRAP - ok
22:18:11.0278 3928 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:18:11.0278 3928 spldr - ok
22:18:11.0328 3928 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:18:11.0338 3928 Spooler - ok
22:18:11.0428 3928 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:18:11.0458 3928 sppsvc - ok
22:18:11.0478 3928 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:18:11.0478 3928 sppuinotify - ok
22:18:11.0528 3928 [ AB5C8F6E63674DBAD9C1E449E8FD77CE ] sptd C:\Windows\System32\Drivers\sptd.sys
22:18:11.0528 3928 sptd - ok
22:18:11.0568 3928 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:18:11.0578 3928 srv - ok
22:18:11.0598 3928 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:18:11.0598 3928 srv2 - ok
22:18:11.0638 3928 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:18:11.0638 3928 SrvHsfHDA - ok
22:18:11.0688 3928 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:18:11.0718 3928 SrvHsfV92 - ok
22:18:11.0758 3928 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:18:11.0888 3928 SrvHsfWinac - ok
22:18:11.0918 3928 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:18:11.0928 3928 srvnet - ok
22:18:11.0968 3928 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
22:18:11.0968 3928 ssadbus - ok
22:18:11.0998 3928 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:18:12.0008 3928 ssadmdfl - ok
22:18:12.0038 3928 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
22:18:12.0048 3928 ssadmdm - ok
22:18:12.0068 3928 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
22:18:12.0068 3928 ssadserd - ok
22:18:12.0128 3928 [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
22:18:12.0128 3928 sscdbus - ok
22:18:12.0158 3928 [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:18:12.0158 3928 sscdmdfl - ok
22:18:12.0168 3928 [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
22:18:12.0168 3928 sscdmdm - ok
22:18:12.0208 3928 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:18:12.0208 3928 SSDPSRV - ok
22:18:12.0228 3928 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:18:12.0228 3928 SstpSvc - ok
22:18:12.0268 3928 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:18:12.0268 3928 stexstor - ok
22:18:12.0298 3928 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:18:12.0308 3928 StiSvc - ok
22:18:12.0338 3928 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:18:12.0348 3928 storflt - ok
22:18:12.0378 3928 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
22:18:12.0388 3928 StorSvc - ok
22:18:12.0398 3928 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:18:12.0408 3928 storvsc - ok
22:18:12.0428 3928 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:18:12.0428 3928 swenum - ok
22:18:12.0468 3928 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:18:12.0478 3928 swprv - ok
22:18:12.0528 3928 [ 2185CC5BE9922562108CF87F42E4BBAF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:18:12.0558 3928 SynTP - ok
22:18:12.0598 3928 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:18:12.0618 3928 SysMain - ok
22:18:12.0628 3928 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:18:12.0638 3928 TabletInputService - ok
22:18:12.0678 3928 [ 3A710AB5FD0F7F32CC3F65067FB27B12 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
22:18:12.0688 3928 taphss6 - ok
22:18:12.0718 3928 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:18:12.0728 3928 TapiSrv - ok
22:18:12.0738 3928 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:18:12.0738 3928 TBS - ok
22:18:12.0808 3928 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:18:12.0818 3928 Tcpip - ok
22:18:12.0870 3928 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:18:12.0880 3928 TCPIP6 - ok
22:18:12.0920 3928 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:18:12.0920 3928 tcpipreg - ok
22:18:12.0960 3928 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:18:12.0960 3928 TDPIPE - ok
22:18:13.0022 3928 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:18:13.0022 3928 TDTCP - ok
22:18:13.0042 3928 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:18:13.0042 3928 tdx - ok
22:18:13.0052 3928 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:18:13.0062 3928 TermDD - ok
22:18:13.0102 3928 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:18:13.0112 3928 TermService - ok
22:18:13.0132 3928 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:18:13.0132 3928 Themes - ok
22:18:13.0152 3928 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:18:13.0152 3928 THREADORDER - ok
22:18:13.0172 3928 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:18:13.0182 3928 TrkWks - ok
22:18:13.0242 3928 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:18:13.0252 3928 TrustedInstaller - ok
22:18:13.0272 3928 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:18:13.0272 3928 tssecsrv - ok
22:18:13.0312 3928 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:18:13.0312 3928 TsUsbFlt - ok
22:18:13.0352 3928 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:18:13.0352 3928 TsUsbGD - ok
22:18:13.0392 3928 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:18:13.0392 3928 tunnel - ok
22:18:13.0412 3928 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:18:13.0422 3928 uagp35 - ok
22:18:13.0482 3928 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:18:13.0482 3928 udfs - ok
22:18:13.0522 3928 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:18:13.0522 3928 UI0Detect - ok
22:18:13.0552 3928 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:18:13.0552 3928 uliagpkx - ok
22:18:13.0562 3928 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:18:13.0562 3928 umbus - ok
22:18:13.0582 3928 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
22:18:13.0592 3928 UmPass - ok
22:18:13.0632 3928 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
22:18:13.0632 3928 UmRdpService - ok
22:18:13.0672 3928 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:18:13.0682 3928 upnphost - ok
22:18:13.0722 3928 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:18:13.0722 3928 usbccgp - ok
22:18:13.0762 3928 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:18:13.0762 3928 usbcir - ok
22:18:13.0802 3928 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:18:13.0802 3928 usbehci - ok
22:18:13.0832 3928 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:18:13.0832 3928 usbhub - ok
22:18:13.0862 3928 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:18:13.0862 3928 usbohci - ok
22:18:13.0882 3928 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:18:13.0882 3928 usbprint - ok
22:18:13.0922 3928 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:18:13.0922 3928 USBSTOR - ok
22:18:13.0942 3928 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:18:13.0942 3928 usbuhci - ok
22:18:13.0982 3928 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:18:13.0982 3928 usbvideo - ok
22:18:14.0012 3928 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:18:14.0012 3928 UxSms - ok
22:18:14.0022 3928 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:18:14.0022 3928 VaultSvc - ok
22:18:14.0072 3928 [ 226CD9E42BE28A84EC56430FBB57224F ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:18:14.0072 3928 VBoxNetAdp - ok
22:18:14.0082 3928 VBoxNetFlt - ok
22:18:14.0152 3928 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:18:14.0152 3928 vdrvroot - ok
22:18:14.0172 3928 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:18:14.0182 3928 vds - ok
22:18:14.0202 3928 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:18:14.0202 3928 vga - ok
22:18:14.0222 3928 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:18:14.0222 3928 VgaSave - ok
22:18:14.0232 3928 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:18:14.0242 3928 vhdmp - ok
22:18:14.0272 3928 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:18:14.0272 3928 viaagp - ok
22:18:14.0282 3928 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:18:14.0282 3928 ViaC7 - ok
22:18:14.0312 3928 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:18:14.0312 3928 viaide - ok
22:18:14.0342 3928 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:18:14.0342 3928 vmbus - ok
22:18:14.0362 3928 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:18:14.0372 3928 VMBusHID - ok
22:18:14.0382 3928 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:18:14.0382 3928 volmgr - ok
22:18:14.0412 3928 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:18:14.0422 3928 volmgrx - ok
22:18:14.0442 3928 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:18:14.0442 3928 volsnap - ok
22:18:14.0472 3928 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:18:14.0472 3928 vsmraid - ok
22:18:14.0532 3928 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:18:14.0542 3928 VSS - ok
22:18:14.0612 3928 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
22:18:14.0622 3928 vToolbarUpdater13.2.0 - ok
22:18:14.0652 3928 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:18:14.0662 3928 vwifibus - ok
22:18:14.0672 3928 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:18:14.0672 3928 vwififlt - ok
22:18:14.0712 3928 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:18:14.0712 3928 vwifimp - ok
22:18:14.0742 3928 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
22:18:14.0742 3928 W32Time - ok
22:18:14.0772 3928 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:18:14.0772 3928 WacomPen - ok
22:18:14.0882 3928 [ 5D81DFEDC21830764B02F12415AFAE2B ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
22:18:14.0882 3928 wampapache - ok
22:18:14.0982 3928 wampmysqld - ok
22:18:15.0002 3928 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:18:15.0012 3928 WANARP - ok
22:18:15.0012 3928 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:18:15.0012 3928 Wanarpv6 - ok
22:18:15.0102 3928 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:18:15.0132 3928 WatAdminSvc - ok
22:18:15.0182 3928 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
22:18:15.0202 3928 wbengine - ok
22:18:15.0222 3928 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:18:15.0222 3928 WbioSrvc - ok
22:18:15.0252 3928 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:18:15.0262 3928 wcncsvc - ok
22:18:15.0272 3928 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:18:15.0282 3928 WcsPlugInService - ok
22:18:15.0312 3928 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
22:18:15.0322 3928 Wd - ok
22:18:15.0372 3928 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:18:15.0372 3928 Wdf01000 - ok
22:18:15.0392 3928 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:18:15.0392 3928 WdiServiceHost - ok
22:18:15.0402 3928 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:18:15.0402 3928 WdiSystemHost - ok
22:18:15.0484 3928 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
22:18:15.0484 3928 WebClient - ok
22:18:15.0544 3928 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:18:15.0544 3928 Wecsvc - ok
22:18:15.0584 3928 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:18:15.0584 3928 wercplsupport - ok
22:18:15.0654 3928 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
22:18:15.0654 3928 WerSvc - ok
22:18:15.0704 3928 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:18:15.0704 3928 WfpLwf - ok
22:18:15.0734 3928 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:18:15.0734 3928 WIMMount - ok
22:18:15.0764 3928 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:18:15.0774 3928 winachsf - ok
22:18:15.0864 3928 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:18:15.0864 3928 WinDefend - ok
22:18:15.0874 3928 WinHttpAutoProxySvc - ok
22:18:15.0934 3928 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:18:15.0934 3928 Winmgmt - ok
22:18:16.0004 3928 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\BatteryCare\WinRing0.sys
22:18:16.0004 3928 WinRing0_1_2_0 - ok
22:18:16.0054 3928 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
22:18:16.0094 3928 WinRM - ok
22:18:16.0144 3928 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:18:16.0144 3928 WinUsb - ok
22:18:16.0194 3928 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:18:16.0204 3928 Wlansvc - ok
22:18:16.0294 3928 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:18:16.0314 3928 wlidsvc - ok
22:18:16.0324 3928 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:18:16.0324 3928 WmiAcpi - ok
22:18:16.0364 3928 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:18:16.0364 3928 wmiApSrv - ok
22:18:16.0444 3928 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:18:16.0454 3928 WMPNetworkSvc - ok
22:18:16.0484 3928 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:18:16.0484 3928 WPCSvc - ok
22:18:16.0514 3928 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:18:16.0524 3928 WPDBusEnum - ok
22:18:16.0554 3928 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:18:16.0554 3928 ws2ifsl - ok
22:18:16.0574 3928 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
22:18:16.0574 3928 wscsvc - ok
22:18:16.0584 3928 WSearch - ok
22:18:16.0684 3928 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:18:16.0704 3928 wuauserv - ok
22:18:16.0734 3928 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:18:16.0734 3928 WudfPf - ok
22:18:16.0744 3928 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:18:16.0754 3928 WUDFRd - ok
22:18:16.0784 3928 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:18:16.0794 3928 wudfsvc - ok
22:18:16.0844 3928 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:18:16.0844 3928 WwanSvc - ok
22:18:16.0884 3928 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:18:16.0884 3928 XAudio - ok
22:18:16.0914 3928 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:18:16.0914 3928 XAudioService - ok
22:18:16.0944 3928 ================ Scan global ===============================
22:18:16.0977 3928 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:18:17.0016 3928 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:18:17.0026 3928 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:18:17.0056 3928 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:18:17.0096 3928 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:18:17.0106 3928 [Global] - ok
22:18:17.0106 3928 ================ Scan MBR ==================================
22:18:17.0116 3928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:18:17.0316 3928 \Device\Harddisk0\DR0 - ok
22:18:17.0326 3928 ================ Scan VBR ==================================
22:18:17.0326 3928 [ 1FDDF349744370F49FC417E15F670D0B ] \Device\Harddisk0\DR0\Partition1
22:18:17.0326 3928 \Device\Harddisk0\DR0\Partition1 - ok
22:18:17.0326 3928 ============================================================
22:18:17.0326 3928 Scan finished
22:18:17.0326 3928 ============================================================
22:18:17.0346 5720 Detected object count: 0
22:18:17.0346 5720 Actual detected object count: 0
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#7 Příspěvek od Rudy »

Nyní přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001UA.job

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#8 Příspěvek od medvídeček »

ComboFix 13-01-26.02 - Kaja 26.01.2013 22:33:05.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1977.779 [GMT 1:00]
Spuštěný z: c:\users\Kaja\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kaja\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\muzapp.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-177100379-174471381-3026543983-1001UA.job
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-26 do 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 21:43 . 2013-01-26 21:46 -------- d-----w- c:\users\Kaja\AppData\Local\temp
2013-01-26 20:16 . 2013-01-26 20:17 -------- d-----w- C:\rsit
2013-01-26 20:16 . 2013-01-26 20:17 -------- d-----w- c:\program files\trend micro
2013-01-26 19:50 . 2013-01-26 19:50 -------- d-----w- c:\users\Kaja\AppData\Roaming\Malwarebytes
2013-01-26 19:49 . 2013-01-26 19:49 -------- d-----w- c:\programdata\Malwarebytes
2013-01-26 19:49 . 2013-01-26 19:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-26 19:49 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 13:20 . 2013-01-25 13:23 -------- d-----w- c:\users\Kaja\AppData\Roaming\tor
2013-01-25 13:18 . 2013-01-25 13:23 -------- d-----w- c:\users\Kaja\AppData\Local\Vidalia
2013-01-22 15:40 . 2013-01-22 15:40 -------- d-----w- c:\programdata\CLSoft LTD
2013-01-22 15:39 . 2013-01-22 15:44 -------- d-----w- c:\programdata\SaveByclick
2013-01-22 15:37 . 2013-01-22 15:37 -------- d-----w- c:\users\Kaja\AppData\Roaming\pdfforge
2013-01-22 15:37 . 2013-01-11 10:39 88576 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-22 15:37 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-22 15:37 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-01-22 15:37 . 2013-01-22 15:40 -------- d-----w- c:\program files\PDFCreator
2013-01-22 15:37 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-01-22 15:32 . 2013-01-22 15:36 -------- d-----w- c:\users\Kaja\AppData\Roaming\Hotspot Shield
2013-01-22 15:18 . 2013-01-22 15:37 -------- d-----w- c:\programdata\Hotspot Shield
2013-01-20 11:38 . 2013-01-20 11:38 -------- d-----w- c:\users\Kaja\AppData\Local\CrashRpt
2013-01-20 11:38 . 2013-01-20 11:54 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-01-13 13:13 . 2013-01-13 13:13 -------- d-----w- c:\program files\VisualSubSync
2013-01-10 19:41 . 2013-01-10 19:41 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-10 19:27 . 2013-01-10 19:27 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-01-09 20:51 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 20:50 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 20:50 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 21:04 . 2012-04-02 07:45 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 21:04 . 2011-10-21 17:59 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13 . 2012-12-21 11:42 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 11:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-24 11:06 . 2012-12-18 19:35 441220 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\lib\jnidispatch32.dll
2012-11-24 11:06 . 2012-12-18 19:35 35840 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\frd.exe
2012-11-24 11:06 . 2012-12-18 19:35 200192 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\lib\jnidispatch64.dll
2012-11-24 11:06 . 2012-12-18 19:35 153600 ----a-w- c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRapid-0.9u1\tools\gocr\gocr.exe
2012-11-23 19:13 . 2012-11-23 19:14 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-11-15 22:33 . 2012-11-15 22:33 94048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-11-14 02:09 . 2012-12-12 20:07 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:07 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:07 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:07 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:07 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:07 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 18:39 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 18:00 . 2012-11-23 08:23 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87B4BA5C-19C3-499C-93C7-D7BA497ABF84}\mpengine.dll
2012-11-02 05:11 . 2012-12-12 18:39 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-01-18 20:06 . 2013-01-18 20:06 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D}]
2011-08-31 17:21 638976 ----a-w- c:\programdata\fpie\FoxyProxyAdd-on.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-23 19:13 1796552 ----a-w- c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll" [2012-11-23 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"Gmail Notifier.exe"="c:\program files\Gmail Notifier\Gmail Notifier.exe" [2011-04-07 2155008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-31 2221352]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-23 997320]
"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-11-23 1020512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scrybe.lnk - c:\windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-10-21 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC WorkBreak.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC WorkBreak.lnk
backup=c:\windows\pss\PC WorkBreak.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shrink Pic.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk
backup=c:\windows\pss\Shrink Pic.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Kaja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-07-08 17:25 116648 ----atw- c:\users\Kaja\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-12-18 01:10 578560 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-01-10 09:02 844144 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-01-10 09:02 1475952 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-01-10 09:02 310128 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R4 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [x]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 ScrybeUpdater;Aktualizátor aplikace Scrybe;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\BatteryCare\WinRing0.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 21:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.zapni.tv/index.php
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: FoxyProxy - c:\programdata\fpie\FoxyProxyAdd-on.dll/IDR_HTML1
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - {5D4A582E-1F8B-4b0d-93F6-0FAA20B5B95D} - c:\programdata\fpie\FoxyProxyAdd-on.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - igoogle.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search? ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - ExtSQL: 2013-01-10 14:23; en-gb@flyingtophat.co.uk; c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\extensions\en-gb@flyingtophat.co.uk
FF - ExtSQL: 2013-01-22 16:16; afurladvisor@anchorfree.com; c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF - ExtSQL: 2013-01-22 16:40; 50feb1e078532@50feb1e07856b.com; c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\8u7zp0lf.default\extensions\50feb1e078532@50feb1e07856b.com
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ά~]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ά~\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¨‚|]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¨‚|\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÎŮ~]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÎŮ~\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*×>]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*×>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e;3f~*€ÎÓĽ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e;3f~*€ÎÓĽ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*HT$|]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*HT$|\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*óZÓD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*óZÓD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*YŠ§F]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*YŠ§F\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘ďt]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘ďt\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ąźž+]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ąźž+\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*„¬śQ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*„¬śQ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*űČşY]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*űČşY\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*čD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*čD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[čD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[čD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˇčD]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˇčD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*6˙i;]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-177100379-174471381-3026543983-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*6˙i;\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4884)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\program files\BatteryCare\BatteryCare.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\program files\Synaptics\Scrybe\scrybe.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\wbem\WmiApSrv.exe
.
**************************************************************************
.
Celkový čas: 2013-01-26 22:51:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-26 21:51
ComboFix2.txt 2013-01-26 21:01
.
Před spuštěním: Volných bajtů: 189 385 330 688
Po spuštění: Volných bajtů: 189 334 507 520
.
- - End Of File - - FD2C6E43664D54A6DF94482D73E6B2AC
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#9 Příspěvek od Rudy »

Log je již OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#10 Příspěvek od medvídeček »

bohužel ne :(
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#11 Příspěvek od Rudy »

Kde se nachází?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#12 Příspěvek od medvídeček »

Nějak nerozumím otázce.

Pokud myslíte, kde na stránce, tak v tuto chvíli třeba:

Obrázek

Je to různé, po znovu načtení stránky je odkaz zase u jiného slova. Na stránce se jich pak zobrazuje i více. A je úplně jedno jestli používám Chrome nebo Firefox.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#13 Příspěvek od Rudy »

OK. Stáhněte, nainstalujte a spusťte SuperAntispyware: http://www.stahuj.centrum.cz/utility_a_ ... tispyware/ . Updatujte a proveď sken. Smažte všechno, co najde.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
medvídeček
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 29 bře 2009 16:23

Re: Malware - i.trkjmp.com

#14 Příspěvek od medvídeček »

Během toho co SuperAntispyware skenoval, jsem trochu pátrala po netu a narazila tuto stránku
http://forums.anvisoft.com/viewtopic-53-1342-0.html

Je to postup jak se ho zbavit. Po přečtení jsem tedy koukla do rozšíření prohlížečů, kde jsem sice i.trkjmp.com nenašla, za to tam byl savebyclick. Ten se mi nainstaloval s aktualizací pdfcreatoru, sice jsem ho hnedka odinstalovala přes revo unistaller, ale v prohlížečích evidentně zůstal. Takže jsem jej odebrala a teď to vypadá, že problém je vyřešen. :)


Takže moc děkuji za pomoc.


PS: SuperAntispyware našel a smazal jen cookies.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119402
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Malware - i.trkjmp.com

#15 Příspěvek od Rudy »

OK, nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“