VIRY.CZ

Dobrý deň,

môj antivírusový program(ESET Smart security 6 )detektoval vírus Win 32/sirefef.ez v operačnej pamati. Antivirusový program ho nevie viliečiť. Počitač sa prehrieva, je pomalý, vírus pravdepodobne spomaľuje internetovú sieť a blokuje prístup k niektorým stránkam.

prikladám log z RSIT a prosím Vás o pomoc.

Dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by johny at 2013-01-31 22:43:15
Microsoft Windows 7 Ultimate
System drive C: has 49 GB (37%) free of 131 GB
Total RAM: 3071 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:43:30, on 31.01.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\johny\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\johny\Downloads\RSIT.exe
C:\Program Files\trend micro\johny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=CBJe0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.euba:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SBCONVERT - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\grabber.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\johny\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A90B40D-BDA4-42DB-9C32-43776342353B}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater14.0.1 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe

--
End of file - 9760 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000UA.job
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task aa080bb9-30de-4f38-886f-d5bda75c70d1.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task ef27f5fd-3e3f-424e-b903-13e78dbcfb43.job

=========Mozilla firefox=========

ProfilePath - C:\Users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\8m1n5ob1.default

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14
"searchpredict@speedbit.com"=C:\Program Files\SearchPredict\PRFireFox
"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}"=C:\Program Files\SPEEDbit Video Downloader\SPFireFox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg-secure-search.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\8m1n5ob1.default\searchplugins\
speedbit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\Program Files\SearchPredict\SearchPredict.dll [2012-10-02 510144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}]
SBCONVERT Class - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll [2012-11-20 2660016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll [2013-01-26 1883824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\Program Files\SPEEDbit Video Downloader\Toolbar\grabber.dll [2012-11-20 361696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} -
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll [2013-01-26 1883824]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll [2012-11-20 2660016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-01-26 1101488]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-26 5074384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-10-22 641400]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-06-18 1173504]
"Google Update"=C:\Users\johny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-09 136176]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\johny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-31 22:43:15 ----D---- C:\Program Files\trend micro
2013-01-31 22:43:14 ----D---- C:\rsit
2013-01-29 17:04:35 ----D---- C:\Users\johny\AppData\Roaming\SUPERAntiSpyware.com
2013-01-29 17:03:09 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-01-29 17:03:09 ----D---- C:\Program Files\SUPERAntiSpyware
2013-01-29 13:36:13 ----A---- C:\Windows\ntbtlog.txt
2013-01-29 12:09:21 ----D---- C:\Program Files\CCleaner
2013-01-29 00:35:25 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-01-29 00:35:25 ----A---- C:\Windows\system32\javaw.exe
2013-01-29 00:35:25 ----A---- C:\Windows\system32\java.exe
2013-01-25 15:13:50 ----D---- C:\ProgramData\ESET
2013-01-25 15:13:50 ----D---- C:\Program Files\ESET

======List of files/folders modified in the last 1 month======

2013-01-31 22:43:26 ----D---- C:\Windows\Prefetch
2013-01-31 22:43:17 ----D---- C:\Windows\Temp
2013-01-31 22:43:15 ----RD---- C:\Program Files
2013-01-31 22:19:06 ----D---- C:\Windows\System32
2013-01-31 22:19:06 ----D---- C:\Windows\inf
2013-01-31 22:19:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-31 22:11:13 ----D---- C:\Windows\tracing
2013-01-31 21:34:08 ----D---- C:\Users\johny\AppData\Roaming\uTorrent
2013-01-31 08:47:19 ----D---- C:\Windows\system32\drivers
2013-01-29 21:34:16 ----D---- C:\Windows\system32\config
2013-01-29 21:14:47 ----D---- C:\Windows\rescache
2013-01-29 17:04:52 ----D---- C:\Windows\Tasks
2013-01-29 17:04:52 ----D---- C:\Windows\system32\Tasks
2013-01-29 17:04:35 ----HD---- C:\ProgramData
2013-01-29 14:34:33 ----D---- C:\Windows
2013-01-29 14:11:52 ----SD---- C:\ProgramData\Microsoft
2013-01-29 12:13:05 ----D---- C:\Windows\SoftwareDistribution
2013-01-29 12:13:05 ----D---- C:\Windows\Panther
2013-01-29 12:13:05 ----D---- C:\Windows\ModemLogs
2013-01-29 12:13:05 ----D---- C:\Windows\Logs
2013-01-29 12:13:05 ----D---- C:\Windows\debug
2013-01-29 00:35:36 ----SHD---- C:\Windows\Installer
2013-01-29 00:35:35 ----HD---- C:\Config.Msi
2013-01-29 00:35:25 ----D---- C:\Program Files\Java
2013-01-29 00:33:45 ----SHD---- C:\System Volume Information
2013-01-28 20:18:37 ----D---- C:\Windows\winsxs
2013-01-28 20:18:30 ----D---- C:\Windows\system32\en-US
2013-01-28 19:48:52 ----D---- C:\ProgramData\AVG Secure Search
2013-01-26 00:52:01 ----D---- C:\Program Files\AVG Secure Search
2013-01-26 00:51:45 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-01-25 16:19:45 ----D---- C:\Windows\system32\DriverStore
2013-01-25 16:19:45 ----D---- C:\Windows\system32\catroot
2013-01-21 09:15:26 ----D---- C:\Windows\system32\catroot2
2013-01-21 09:13:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-20 20:06:53 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 18:57:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 47056]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-01-26 31576]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-06-18 387584]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2012-03-02 51072]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-06 72576]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 DynCal;Dynamic Calibration Service; C:\Windows\system32\drivers\Dyncal.sys [2007-11-07 12928]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2012-04-06 102784]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-06 85248]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2010-06-18 175752]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 465408]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-26 1329304]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [2013-01-26 945328]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-13 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-10 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-13 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-20 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-09 1343400]
S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-06-13 792512]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

-----------------EOF-----------------

Zdravim

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

postupoval som podla návodu a prípájam log.

23:02:07.0572 4892 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:02:07.0696 4892 ============================================================
23:02:07.0696 4892 Current date / time: 2013/01/31 23:02:07.0696
23:02:07.0696 4892 SystemInfo:
23:02:07.0696 4892
23:02:07.0696 4892 OS Version: 6.1.7600 ServicePack: 0.0
23:02:07.0696 4892 Product type: Workstation
23:02:07.0696 4892 ComputerName: JOHNY-PC
23:02:07.0697 4892 UserName: johny
23:02:07.0697 4892 Windows directory: C:\Windows
23:02:07.0697 4892 System windows directory: C:\Windows
23:02:07.0697 4892 Processor architecture: Intel x86
23:02:07.0697 4892 Number of processors: 2
23:02:07.0697 4892 Page size: 0x1000
23:02:07.0697 4892 Boot type: Normal boot
23:02:07.0697 4892 ============================================================
23:02:09.0620 4892 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:02:09.0623 4892 ============================================================
23:02:09.0623 4892 \Device\Harddisk0\DR0:
23:02:09.0623 4892 MBR partitions:
23:02:09.0623 4892 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFF5219A
23:02:09.0623 4892 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFF521D9, BlocksNum 0x2A432A68
23:02:09.0623 4892 ============================================================
23:02:09.0642 4892 C: <-> \Device\Harddisk0\DR0\Partition1
23:02:09.0685 4892 D: <-> \Device\Harddisk0\DR0\Partition2
23:02:09.0686 4892 ============================================================
23:02:09.0686 4892 Initialize success
23:02:09.0686 4892 ============================================================
23:03:25.0523 4644 ============================================================
23:03:25.0524 4644 Scan started
23:03:25.0524 4644 Mode: Manual; SigCheck; TDLFS;
23:03:25.0524 4644 ============================================================
23:03:26.0177 4644 ================ Scan system memory ========================
23:03:26.0177 4644 System memory - ok
23:03:26.0178 4644 ================ Scan services =============================
23:03:26.0269 4644 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
23:03:26.0358 4644 !SASCORE - ok
23:03:26.0523 4644 [ 04DAA77E1E752109AEA17BEEF16E6EBF ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
23:03:26.0576 4644 1394ohci - ok
23:03:26.0607 4644 [ 4984C69B47AEDEBEF33EB90572160D30 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
23:03:26.0639 4644 ACPI - ok
23:03:26.0666 4644 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
23:03:26.0741 4644 AcpiPmi - ok
23:03:26.0829 4644 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:03:26.0858 4644 AdobeFlashPlayerUpdateSvc - ok
23:03:26.0888 4644 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:03:26.0927 4644 adp94xx - ok
23:03:26.0958 4644 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:03:26.0992 4644 adpahci - ok
23:03:27.0012 4644 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:03:27.0043 4644 adpu320 - ok
23:03:27.0079 4644 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:03:27.0107 4644 AeLookupSvc - ok
23:03:27.0162 4644 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
23:03:27.0227 4644 AFD - ok
23:03:27.0271 4644 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
23:03:27.0296 4644 agp440 - ok
23:03:27.0320 4644 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
23:03:27.0345 4644 aic78xx - ok
23:03:27.0382 4644 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
23:03:27.0422 4644 ALG - ok
23:03:27.0442 4644 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
23:03:27.0466 4644 aliide - ok
23:03:27.0505 4644 [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:03:27.0584 4644 AMD External Events Utility - ok
23:03:27.0608 4644 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
23:03:27.0634 4644 amdagp - ok
23:03:27.0649 4644 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
23:03:27.0676 4644 amdide - ok
23:03:27.0719 4644 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:03:27.0770 4644 AmdK8 - ok
23:03:27.0780 4644 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:03:27.0829 4644 AmdPPM - ok
23:03:27.0877 4644 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:03:27.0902 4644 amdsata - ok
23:03:27.0932 4644 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:03:27.0962 4644 amdsbs - ok
23:03:27.0982 4644 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:03:28.0007 4644 amdxata - ok
23:03:28.0056 4644 [ 4A8CB8FEA9DCB6F93017F413E2646001 ] Angelnt C:\Windows\System32\Drivers\ANGELNT.SYS
23:03:28.0083 4644 Angelnt ( UnsignedFile.Multi.Generic ) - warning
23:03:28.0083 4644 Angelnt - detected UnsignedFile.Multi.Generic (1)
23:03:28.0123 4644 [ A1136E9BEE592DF0814DBD2FA5695973 ] AppID C:\Windows\system32\drivers\appid.sys
23:03:28.0164 4644 AppID - ok
23:03:28.0200 4644 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:03:28.0239 4644 AppIDSvc - ok
23:03:28.0259 4644 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
23:03:28.0302 4644 Appinfo - ok
23:03:28.0384 4644 [ 592F7AE254995274E166EEC95C28F551 ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
23:03:28.0440 4644 Application Updater - ok
23:03:28.0473 4644 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
23:03:28.0504 4644 AppMgmt - ok
23:03:28.0535 4644 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:03:28.0563 4644 arc - ok
23:03:28.0587 4644 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:03:28.0613 4644 arcsas - ok
23:03:28.0639 4644 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:03:28.0746 4644 AsyncMac - ok
23:03:28.0781 4644 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
23:03:28.0806 4644 atapi - ok
23:03:28.0978 4644 [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:03:29.0189 4644 atikmdag - ok
23:03:29.0234 4644 [ 3D487F48CAF2C75CC7185ED34A4894C1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:03:29.0296 4644 AudioEndpointBuilder - ok
23:03:29.0323 4644 [ 3D487F48CAF2C75CC7185ED34A4894C1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:03:29.0356 4644 Audiosrv - ok
23:03:29.0400 4644 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
23:03:29.0435 4644 avgtp - ok
23:03:29.0470 4644 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:03:29.0576 4644 AxInstSV - ok
23:03:29.0623 4644 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
23:03:29.0688 4644 b06bdrv - ok
23:03:29.0729 4644 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:03:29.0764 4644 b57nd60x - ok
23:03:29.0807 4644 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
23:03:29.0851 4644 BDESVC - ok
23:03:29.0880 4644 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
23:03:29.0944 4644 Beep - ok
23:03:29.0989 4644 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
23:03:30.0064 4644 BFE - ok
23:03:30.0087 4644 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:03:30.0131 4644 blbdrive - ok
23:03:30.0169 4644 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:03:30.0229 4644 bowser - ok
23:03:30.0263 4644 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:03:30.0304 4644 BrFiltLo - ok
23:03:30.0320 4644 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:03:30.0359 4644 BrFiltUp - ok
23:03:30.0404 4644 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
23:03:30.0459 4644 Browser - ok
23:03:30.0491 4644 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:03:30.0534 4644 Brserid - ok
23:03:30.0558 4644 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:03:30.0605 4644 BrSerWdm - ok
23:03:30.0631 4644 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:03:30.0672 4644 BrUsbMdm - ok
23:03:30.0692 4644 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:03:30.0731 4644 BrUsbSer - ok
23:03:30.0757 4644 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:03:30.0798 4644 BTHMODEM - ok
23:03:30.0849 4644 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
23:03:30.0929 4644 bthserv - ok
23:03:30.0975 4644 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:03:31.0042 4644 cdfs - ok
23:03:31.0085 4644 [ BB63132C854BC53D2826F4D4B92C9C35 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:03:31.0129 4644 cdrom - ok
23:03:31.0156 4644 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
23:03:31.0230 4644 CertPropSvc - ok
23:03:31.0266 4644 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:03:31.0316 4644 circlass - ok
23:03:31.0349 4644 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
23:03:31.0381 4644 CLFS - ok
23:03:31.0430 4644 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:03:31.0454 4644 clr_optimization_v2.0.50727_32 - ok
23:03:31.0539 4644 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:03:31.0586 4644 clr_optimization_v4.0.30319_32 - ok
23:03:31.0616 4644 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:03:31.0642 4644 CmBatt - ok
23:03:31.0659 4644 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
23:03:31.0683 4644 cmdide - ok
23:03:31.0732 4644 [ F1D4C07CACFB4D1A1A7B06493F4F4EF4 ] CNG C:\Windows\system32\Drivers\cng.sys
23:03:31.0779 4644 CNG - ok
23:03:31.0815 4644 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:03:31.0841 4644 Compbatt - ok
23:03:31.0858 4644 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:03:31.0896 4644 CompositeBus - ok
23:03:31.0916 4644 COMSysApp - ok
23:03:31.0935 4644 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:03:31.0959 4644 crcdisk - ok
23:03:32.0025 4644 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:03:32.0066 4644 CryptSvc - ok
23:03:32.0111 4644 [ 149A72B731B29557BE1CD2AC99039688 ] CSC C:\Windows\system32\drivers\csc.sys
23:03:32.0118 4644 Suspicious file (Forged): C:\Windows\system32\drivers\csc.sys. Real md5: 149A72B731B29557BE1CD2AC99039688, Fake md5: 89385BE480B225C72E2B8E84D5E00426
23:03:32.0125 4644 CSC ( Virus.Win32.ZAccess.aml ) - infected
23:03:32.0125 4644 CSC - detected Virus.Win32.ZAccess.aml (0)
23:03:32.0162 4644 [ 340C7FB0942F80D785E4FB2FC1B1FF14 ] CscService C:\Windows\System32\cscsvc.dll
23:03:32.0228 4644 CscService - ok
23:03:32.0273 4644 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
23:03:32.0367 4644 DcomLaunch - ok
23:03:32.0401 4644 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
23:03:32.0461 4644 defragsvc - ok
23:03:32.0495 4644 [ 886E8C1608146CC355DDD455F5C8DD87 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:03:32.0559 4644 DfsC - ok
23:03:32.0597 4644 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:03:32.0689 4644 Dhcp - ok
23:03:32.0707 4644 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
23:03:32.0776 4644 discache - ok
23:03:32.0818 4644 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:03:32.0844 4644 Disk - ok
23:03:32.0883 4644 [ B3A0A4414D8EC1DD28018004CE8DCBEE ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:03:32.0919 4644 Dnscache - ok
23:03:32.0946 4644 [ F72EF8E6BE6D41691A23F2F07D3E1682 ] dot3svc C:\Windows\System32\dot3svc.dll
23:03:32.0995 4644 dot3svc - ok
23:03:33.0062 4644 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:03:33.0112 4644 Dot4 - ok
23:03:33.0165 4644 [ C25FEA07A8E7767E8B89AB96A3B96519 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:03:33.0211 4644 Dot4Print - ok
23:03:33.0264 4644 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:03:33.0301 4644 dot4usb - ok
23:03:33.0356 4644 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
23:03:33.0421 4644 DPS - ok
23:03:33.0459 4644 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:03:33.0499 4644 drmkaud - ok
23:03:33.0553 4644 [ 7F4D13F3F468F8EC3C698A154AC52C93 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:03:33.0612 4644 DXGKrnl - ok
23:03:33.0656 4644 [ 1D995CF2789E2844FC538C540E8563DE ] DynCal C:\Windows\system32\drivers\Dyncal.sys
23:03:33.0664 4644 DynCal ( UnsignedFile.Multi.Generic ) - warning
23:03:33.0665 4644 DynCal - detected UnsignedFile.Multi.Generic (1)
23:03:33.0726 4644 [ C73D90A437907C2398D32CCE618FE808 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
23:03:33.0750 4644 eamonm - ok
23:03:33.0804 4644 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
23:03:33.0876 4644 EapHost - ok
23:03:33.0987 4644 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
23:03:34.0137 4644 ebdrv - ok
23:03:34.0169 4644 [ A6034689ACF9D14973F8384AD5A5451E ] EFS C:\Windows\System32\lsass.exe
23:03:34.0210 4644 EFS - ok
23:03:34.0281 4644 [ 4F72DD48A2ED63A57C1210228A472020 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
23:03:34.0302 4644 ehdrv - ok
23:03:34.0367 4644 [ BC667D6C0A8A857CABA77818F1A953FD ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:03:34.0438 4644 ehRecvr - ok
23:03:34.0464 4644 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
23:03:34.0508 4644 ehSched - ok
23:03:34.0618 4644 [ E95AB781773870BD68ABE1AE1B57A8AC ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
23:03:34.0692 4644 ekrn - ok
23:03:34.0731 4644 [ 178CC9403816C082D22A1D47FA1F9C85 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:03:34.0754 4644 ElbyCDIO - ok
23:03:34.0794 4644 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:03:34.0847 4644 elxstor - ok
23:03:34.0895 4644 [ 0C0C50813FC59C145B604B1DCCFFB377 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
23:03:34.0919 4644 epfw - ok
23:03:34.0948 4644 [ A047420F4A55C1695A46468341558136 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
23:03:34.0967 4644 EpfwLWF - ok
23:03:35.0008 4644 [ 0C42AA79B74E0454465FAA2D28A5B980 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
23:03:35.0026 4644 epfwwfp - ok
23:03:35.0048 4644 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
23:03:35.0086 4644 ErrDev - ok
23:03:35.0140 4644 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
23:03:35.0221 4644 EventSystem - ok
23:03:35.0274 4644 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
23:03:35.0319 4644 ew_hwusbdev - ok
23:03:35.0348 4644 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
23:03:35.0419 4644 exfat - ok
23:03:35.0446 4644 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:03:35.0528 4644 fastfat - ok
23:03:35.0582 4644 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
23:03:35.0650 4644 Fax - ok
23:03:35.0664 4644 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:03:35.0708 4644 fdc - ok
23:03:35.0727 4644 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
23:03:35.0796 4644 fdPHost - ok
23:03:35.0824 4644 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
23:03:35.0895 4644 FDResPub - ok
23:03:35.0923 4644 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:03:35.0948 4644 FileInfo - ok
23:03:35.0968 4644 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:03:36.0022 4644 Filetrace - ok
23:03:36.0031 4644 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:03:36.0079 4644 flpydisk - ok
23:03:36.0111 4644 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:03:36.0142 4644 FltMgr - ok
23:03:36.0191 4644 [ D76CFBF028DCC4B6FA287CAA3DA29D78 ] FontCache C:\Windows\system32\FntCache.dll
23:03:36.0267 4644 FontCache - ok
23:03:36.0317 4644 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:03:36.0337 4644 FontCache3.0.0.0 - ok
23:03:36.0358 4644 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:03:36.0383 4644 FsDepends - ok
23:03:36.0398 4644 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:03:36.0424 4644 Fs_Rec - ok
23:03:36.0455 4644 [ 0C0386C5B33812BE2E7188E5E82621DC ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:03:36.0492 4644 fvevol - ok
23:03:36.0517 4644 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:03:36.0544 4644 gagp30kx - ok
23:03:36.0584 4644 [ 161670809D3F25A464C4B67FEA088F57 ] gpsvc C:\Windows\System32\gpsvc.dll
23:03:36.0657 4644 gpsvc - ok
23:03:36.0734 4644 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:03:36.0755 4644 gupdate - ok
23:03:36.0763 4644 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:03:36.0785 4644 gupdatem - ok
23:03:36.0818 4644 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
23:03:36.0837 4644 hamachi - ok
23:03:36.0860 4644 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:03:36.0906 4644 hcw85cir - ok
23:03:36.0951 4644 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:03:37.0003 4644 HdAudAddService - ok
23:03:37.0036 4644 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:03:37.0076 4644 HDAudBus - ok
23:03:37.0087 4644 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:03:37.0119 4644 HidBatt - ok
23:03:37.0131 4644 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:03:37.0174 4644 HidBth - ok
23:03:37.0200 4644 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:03:37.0244 4644 HidIr - ok
23:03:37.0282 4644 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
23:03:37.0348 4644 hidserv - ok
23:03:37.0392 4644 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:03:37.0421 4644 HidUsb - ok
23:03:37.0436 4644 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:03:37.0500 4644 hkmsvc - ok
23:03:37.0532 4644 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:03:37.0583 4644 HomeGroupListener - ok
23:03:37.0622 4644 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:03:37.0674 4644 HomeGroupProvider - ok
23:03:37.0821 4644 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:03:37.0849 4644 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:03:37.0849 4644 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:03:37.0905 4644 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:03:37.0929 4644 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:03:37.0929 4644 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:03:37.0958 4644 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
23:03:37.0983 4644 HpSAMD - ok
23:03:38.0084 4644 [ 79737E0F7D25DE8405CB34D4C9882253 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:03:38.0134 4644 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
23:03:38.0135 4644 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
23:03:38.0189 4644 [ 33BD3B302AAF1BAE758B1A73D0279972 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:03:38.0275 4644 HTTP - ok
23:03:38.0313 4644 [ B93F069ECDF7449EAAC5B887D59A23D1 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
23:03:38.0341 4644 huawei_cdcacm - ok
23:03:38.0366 4644 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
23:03:38.0431 4644 huawei_enumerator - ok
23:03:38.0471 4644 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:03:38.0495 4644 hwpolicy - ok
23:03:38.0548 4644 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:03:38.0588 4644 i8042prt - ok
23:03:38.0621 4644 [ B9039A34C2F8769490DCC494E2402445 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:03:38.0655 4644 iaStorV - ok
23:03:38.0724 4644 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:03:38.0789 4644 idsvc - ok
23:03:38.0819 4644 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:03:38.0844 4644 iirsp - ok
23:03:38.0898 4644 [ 259CC9088CBAC6571478428B03B50FED ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:38.0964 4644 IKEEXT - ok
23:03:39.0000 4644 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
23:03:39.0025 4644 intelide - ok
23:03:39.0049 4644 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:39.0081 4644 intelppm - ok
23:03:39.0112 4644 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:39.0185 4644 IPBusEnum - ok
23:03:39.0206 4644 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:39.0259 4644 IpFilterDriver - ok
23:03:39.0321 4644 [ F610F234638F0F42B55E0FE268033FA8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:39.0374 4644 iphlpsvc - ok
23:03:39.0385 4644 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:03:39.0446 4644 IPMIDRV - ok
23:03:39.0457 4644 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:03:39.0517 4644 IPNAT - ok
23:03:39.0546 4644 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:39.0590 4644 IRENUM - ok
23:03:39.0624 4644 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
23:03:39.0648 4644 isapnp - ok
23:03:39.0684 4644 [ BB1B120FED24D379A9D523EB27F78953 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:03:39.0715 4644 iScsiPrt - ok
23:03:39.0741 4644 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:39.0768 4644 kbdclass - ok
23:03:39.0807 4644 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:03:39.0849 4644 kbdhid - ok
23:03:39.0868 4644 [ A6034689ACF9D14973F8384AD5A5451E ] KeyIso C:\Windows\system32\lsass.exe
23:03:39.0894 4644 KeyIso - ok
23:03:39.0934 4644 [ 5A07985C21039E42AC014853B7CD5A05 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:39.0960 4644 KSecDD - ok
23:03:39.0992 4644 [ C6D3E16C897C88BF65949B49CE58DD83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:03:40.0020 4644 KSecPkg - ok
23:03:40.0057 4644 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:40.0132 4644 KtmRm - ok
23:03:40.0166 4644 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
23:03:40.0228 4644 LanmanServer - ok
23:03:40.0256 4644 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:40.0327 4644 LanmanWorkstation - ok
23:03:40.0367 4644 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:40.0433 4644 lltdio - ok
23:03:40.0463 4644 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:40.0532 4644 lltdsvc - ok
23:03:40.0556 4644 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:40.0623 4644 lmhosts - ok
23:03:40.0658 4644 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:03:40.0687 4644 LSI_FC - ok
23:03:40.0708 4644 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:03:40.0734 4644 LSI_SAS - ok
23:03:40.0756 4644 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:03:40.0782 4644 LSI_SAS2 - ok
23:03:40.0806 4644 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:03:40.0833 4644 LSI_SCSI - ok
23:03:40.0864 4644 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:40.0933 4644 luafv - ok
23:03:40.0960 4644 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:40.0992 4644 Mcx2Svc - ok
23:03:41.0012 4644 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:03:41.0036 4644 megasas - ok
23:03:41.0064 4644 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:03:41.0097 4644 MegaSR - ok
23:03:41.0180 4644 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:03:41.0203 4644 Microsoft Office Groove Audit Service - ok
23:03:41.0229 4644 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:03:41.0297 4644 MMCSS - ok
23:03:41.0322 4644 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:03:41.0390 4644 Modem - ok
23:03:41.0427 4644 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:41.0472 4644 monitor - ok
23:03:41.0508 4644 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:41.0533 4644 mouclass - ok
23:03:41.0557 4644 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:41.0602 4644 mouhid - ok
23:03:41.0623 4644 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:03:41.0649 4644 mountmgr - ok
23:03:41.0700 4644 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:03:41.0726 4644 MozillaMaintenance - ok
23:03:41.0743 4644 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:03:41.0773 4644 mpio - ok
23:03:41.0795 4644 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:41.0859 4644 mpsdrv - ok
23:03:41.0916 4644 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:42.0008 4644 MpsSvc - ok
23:03:42.0028 4644 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:42.0062 4644 MRxDAV - ok
23:03:42.0090 4644 [ AE6248D356C6C1DE1623F0610B7FB0A3 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:42.0128 4644 mrxsmb - ok
23:03:42.0144 4644 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:42.0186 4644 mrxsmb10 - ok
23:03:42.0207 4644 [ 05FCF029FB6915DF707222D3806C760A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:42.0243 4644 mrxsmb20 - ok
23:03:42.0263 4644 [ 0ED67F9A46BCF83092AE8691E3459C32 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:03:42.0287 4644 msahci - ok
23:03:42.0329 4644 [ C575749358DE482326943BDDF0BEB64B ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:03:42.0355 4644 msdsm - ok
23:03:42.0379 4644 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:03:42.0414 4644 MSDTC - ok
23:03:42.0461 4644 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:42.0516 4644 Msfs - ok
23:03:42.0535 4644 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:03:42.0602 4644 mshidkmdf - ok
23:03:42.0612 4644 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:03:42.0638 4644 msisadrv - ok
23:03:42.0697 4644 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:42.0789 4644 MSiSCSI - ok
23:03:42.0798 4644 msiserver - ok
23:03:42.0826 4644 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:42.0893 4644 MSKSSRV - ok
23:03:42.0917 4644 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:42.0985 4644 MSPCLOCK - ok
23:03:43.0009 4644 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:43.0073 4644 MSPQM - ok
23:03:43.0107 4644 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:43.0137 4644 MsRPC - ok
23:03:43.0174 4644 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:43.0199 4644 mssmbios - ok
23:03:43.0210 4644 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:43.0264 4644 MSTEE - ok
23:03:43.0288 4644 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:03:43.0327 4644 MTConfig - ok
23:03:43.0353 4644 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:43.0381 4644 Mup - ok
23:03:43.0409 4644 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
23:03:43.0499 4644 napagent - ok
23:03:43.0532 4644 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:43.0585 4644 NativeWifiP - ok
23:03:43.0668 4644 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
23:03:43.0724 4644 NBService - ok
23:03:43.0766 4644 [ 3CB507AB001DFFACA301CFE177631CCC ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:43.0824 4644 NDIS - ok
23:03:43.0847 4644 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:43.0913 4644 NdisCap - ok
23:03:43.0941 4644 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:43.0996 4644 NdisTapi - ok
23:03:44.0026 4644 [ BF6D06B889915B252333EE887479C5AC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:44.0082 4644 Ndisuio - ok
23:03:44.0124 4644 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:44.0178 4644 NdisWan - ok
23:03:44.0198 4644 [ F49FEF57E1828E243679F1E9A0B5F291 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:44.0230 4644 NDProxy - ok
23:03:44.0281 4644 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:03:44.0317 4644 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:03:44.0317 4644 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:03:44.0349 4644 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:44.0388 4644 NetBIOS - ok
23:03:44.0422 4644 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:03:44.0477 4644 NetBT - ok
23:03:44.0490 4644 [ A6034689ACF9D14973F8384AD5A5451E ] Netlogon C:\Windows\system32\lsass.exe
23:03:44.0517 4644 Netlogon - ok
23:03:44.0556 4644 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:03:44.0647 4644 Netman - ok
23:03:44.0679 4644 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:03:44.0775 4644 netprofm - ok
23:03:44.0819 4644 [ 652881F65B35564575255A0E05E23C55 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys
23:03:44.0897 4644 netr28 - ok
23:03:44.0937 4644 [ C53BDF5C777386C96ADE3FD3DDF01A88 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:44.0961 4644 NetTcpPortSharing - ok
23:03:45.0009 4644 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:03:45.0034 4644 nfrd960 - ok
23:03:45.0074 4644 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:45.0152 4644 NlaSvc - ok
23:03:45.0216 4644 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
23:03:45.0242 4644 NMIndexingService - ok
23:03:45.0262 4644 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:45.0320 4644 Npfs - ok
23:03:45.0340 4644 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:03:45.0398 4644 nsi - ok
23:03:45.0416 4644 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:45.0489 4644 nsiproxy - ok
23:03:45.0563 4644 [ 72D1BB12770F86033C73E288CD8E3869 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:45.0641 4644 Ntfs - ok
23:03:45.0675 4644 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:03:45.0741 4644 Null - ok
23:03:45.0769 4644 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:45.0795 4644 nvraid - ok
23:03:45.0813 4644 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:45.0841 4644 nvstor - ok
23:03:45.0866 4644 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:03:45.0893 4644 nv_agp - ok
23:03:45.0962 4644 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:46.0009 4644 odserv - ok
23:03:46.0026 4644 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:03:46.0062 4644 ohci1394 - ok
23:03:46.0090 4644 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:46.0113 4644 ose - ok
23:03:46.0151 4644 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:03:46.0216 4644 p2pimsvc - ok
23:03:46.0251 4644 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:46.0318 4644 p2psvc - ok
23:03:46.0356 4644 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:03:46.0394 4644 Parport - ok
23:03:46.0426 4644 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:46.0451 4644 partmgr - ok
23:03:46.0474 4644 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:03:46.0510 4644 Parvdm - ok
23:03:46.0540 4644 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:46.0578 4644 PcaSvc - ok
23:03:46.0597 4644 [ 5B154C69B2940B91B93D7AC4266810E2 ] pci C:\Windows\system32\DRIVERS\pci.sys
23:03:46.0626 4644 pci - ok
23:03:46.0656 4644 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:03:46.0680 4644 pciide - ok
23:03:46.0693 4644 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:46.0727 4644 pcmcia - ok
23:03:46.0747 4644 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:03:46.0773 4644 pcw - ok
23:03:46.0809 4644 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:46.0902 4644 PEAUTH - ok
23:03:46.0977 4644 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:03:47.0061 4644 PeerDistSvc - ok
23:03:47.0138 4644 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
23:03:47.0261 4644 pla - ok
23:03:47.0298 4644 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:47.0358 4644 PlugPlay - ok
23:03:47.0418 4644 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:03:47.0431 4644 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:03:47.0431 4644 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:03:47.0454 4644 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:03:47.0505 4644 PNRPAutoReg - ok
23:03:47.0540 4644 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:03:47.0574 4644 PNRPsvc - ok
23:03:47.0620 4644 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:47.0680 4644 PolicyAgent - ok
23:03:47.0729 4644 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
23:03:47.0792 4644 Power - ok
23:03:47.0830 4644 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:47.0882 4644 PptpMiniport - ok
23:03:47.0899 4644 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:03:47.0938 4644 Processor - ok
23:03:47.0979 4644 [ DD71CFADB1D3EC1766628AE92C67D843 ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:48.0012 4644 ProfSvc - ok
23:03:48.0034 4644 [ A6034689ACF9D14973F8384AD5A5451E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:48.0062 4644 ProtectedStorage - ok
23:03:48.0082 4644 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:03:48.0151 4644 Psched - ok
23:03:48.0203 4644 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:03:48.0295 4644 ql2300 - ok
23:03:48.0317 4644 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:03:48.0345 4644 ql40xx - ok
23:03:48.0379 4644 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:03:48.0434 4644 QWAVE - ok
23:03:48.0454 4644 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:48.0488 4644 QWAVEdrv - ok
23:03:48.0503 4644 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:48.0565 4644 RasAcd - ok
23:03:48.0594 4644 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:48.0637 4644 RasAgileVpn - ok
23:03:48.0665 4644 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:48.0734 4644 RasAuto - ok
23:03:48.0757 4644 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:48.0820 4644 Rasl2tp - ok
23:03:48.0872 4644 [ F86A88F786D134273FA92C8FC4D224DC ] RasMan C:\Windows\System32\rasmans.dll
23:03:48.0922 4644 RasMan - ok
23:03:48.0944 4644 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:49.0016 4644 RasPppoe - ok
23:03:49.0061 4644 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:49.0122 4644 RasSstp - ok
23:03:49.0153 4644 [ D0D5F258A906A9A7226D0CE648C62FD5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:49.0216 4644 rdbss - ok
23:03:49.0235 4644 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:03:49.0279 4644 rdpbus - ok
23:03:49.0294 4644 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:49.0346 4644 RDPCDD - ok
23:03:49.0369 4644 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:03:49.0401 4644 RDPDR - ok
23:03:49.0438 4644 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:49.0486 4644 RDPENCDD - ok
23:03:49.0505 4644 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:03:49.0563 4644 RDPREFMP - ok
23:03:49.0599 4644 [ 9A67F7B4939F6A3EC7464C07737682F6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:49.0632 4644 RDPWD - ok
23:03:49.0668 4644 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:03:49.0698 4644 rdyboost - ok
23:03:49.0733 4644 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:49.0767 4644 RemoteAccess - ok
23:03:49.0800 4644 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:49.0859 4644 RemoteRegistry - ok
23:03:49.0879 4644 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:03:49.0936 4644 RpcEptMapper - ok
23:03:49.0957 4644 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:03:49.0995 4644 RpcLocator - ok
23:03:50.0027 4644 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
23:03:50.0088 4644 RpcSs - ok
23:03:50.0136 4644 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:50.0199 4644 rspndr - ok
23:03:50.0219 4644 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
23:03:50.0265 4644 s3cap - ok
23:03:50.0289 4644 [ A6034689ACF9D14973F8384AD5A5451E ] SamSs C:\Windows\system32\lsass.exe
23:03:50.0317 4644 SamSs - ok
23:03:50.0389 4644 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:03:50.0407 4644 SASDIFSV - ok
23:03:50.0420 4644 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:03:50.0441 4644 SASKUTIL - ok
23:03:50.0468 4644 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:03:50.0495 4644 sbp2port - ok
23:03:50.0530 4644 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:50.0599 4644 SCardSvr - ok
23:03:50.0633 4644 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:03:50.0702 4644 scfilter - ok
23:03:50.0769 4644 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
23:03:50.0839 4644 Schedule - ok
23:03:50.0865 4644 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:50.0917 4644 SCPolicySvc - ok
23:03:50.0953 4644 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:51.0000 4644 SDRSVC - ok
23:03:51.0033 4644 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:51.0098 4644 secdrv - ok
23:03:51.0125 4644 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:03:51.0195 4644 seclogon - ok
23:03:51.0219 4644 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:03:51.0276 4644 SENS - ok
23:03:51.0292 4644 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:03:51.0341 4644 SensrSvc - ok
23:03:51.0359 4644 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:03:51.0400 4644 Serenum - ok
23:03:51.0411 4644 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:03:51.0453 4644 Serial - ok
23:03:51.0513 4644 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:03:51.0544 4644 sermouse - ok
23:03:51.0586 4644 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:51.0658 4644 SessionEnv - ok
23:03:51.0677 4644 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:03:51.0717 4644 sffdisk - ok
23:03:51.0742 4644 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:03:51.0782 4644 sffp_mmc - ok
23:03:51.0791 4644 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:03:51.0826 4644 sffp_sd - ok
23:03:51.0836 4644 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:03:51.0866 4644 sfloppy - ok
23:03:51.0921 4644 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:51.0996 4644 SharedAccess - ok
23:03:52.0040 4644 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:52.0113 4644 ShellHWDetection - ok
23:03:52.0132 4644 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
23:03:52.0159 4644 sisagp - ok
23:03:52.0199 4644 [ 6F0C643C7F49F2091B01D014EAE72E1A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys
23:03:52.0249 4644 SiSGbeLH - ok
23:03:52.0295 4644 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:03:52.0322 4644 SiSRaid2 - ok
23:03:52.0354 4644 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:03:52.0387 4644 SiSRaid4 - ok
23:03:52.0411 4644 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:52.0465 4644 Smb - ok
23:03:52.0533 4644 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:52.0557 4644 SNMPTRAP - ok
23:03:52.0574 4644 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:52.0596 4644 spldr - ok
23:03:52.0636 4644 [ 13B48314BF02091B30597DF20B71CBAC ] Spooler C:\Windows\System32\spoolsv.exe
23:03:52.0679 4644 Spooler - ok
23:03:52.0764 4644 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
23:03:52.0928 4644 sppsvc - ok
23:03:52.0970 4644 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:03:53.0047 4644 sppuinotify - ok
23:03:53.0089 4644 [ 110AD8CD36F173E917B1145950042B79 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:53.0154 4644 srv - ok
23:03:53.0190 4644 [ 0460A195747EC2CB8D07B9634E85D637 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:53.0236 4644 srv2 - ok
23:03:53.0272 4644 [ E461231D570586F158BECC94C342CBE0 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:53.0312 4644 srvnet - ok
23:03:53.0338 4644 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:53.0427 4644 SSDPSRV - ok
23:03:53.0448 4644 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:53.0519 4644 SstpSvc - ok
23:03:53.0549 4644 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:03:53.0583 4644 stexstor - ok
23:03:53.0637 4644 [ DE7E3BDC0D8645A0283BCD2F717C243D ] StiSvc C:\Windows\System32\wiaservc.dll
23:03:53.0686 4644 StiSvc - ok
23:03:53.0704 4644 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
23:03:53.0727 4644 storflt - ok
23:03:53.0762 4644 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
23:03:53.0784 4644 storvsc - ok
23:03:53.0810 4644 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:03:53.0831 4644 swenum - ok
23:03:53.0856 4644 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:03:53.0940 4644 swprv - ok
23:03:53.0989 4644 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
23:03:54.0070 4644 SysMain - ok
23:03:54.0095 4644 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:54.0135 4644 TabletInputService - ok
23:03:54.0170 4644 [ 16A6AB6FF5ADEFC778A306A21555C42E ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:54.0198 4644 TapiSrv - ok
23:03:54.0219 4644 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:03:54.0273 4644 TBS - ok
23:03:54.0336 4644 [ E47C2844A1605A44178F4281E4D58B3D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:54.0404 4644 Tcpip - ok
23:03:54.0453 4644 [ E47C2844A1605A44178F4281E4D58B3D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:54.0499 4644 TCPIP6 - ok
23:03:54.0534 4644 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:54.0585 4644 tcpipreg - ok
23:03:54.0615 4644 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:54.0645 4644 TDPIPE - ok
23:03:54.0675 4644 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:54.0694 4644 TDTCP - ok
23:03:54.0731 4644 [ 3CE2CC0B2B5E5B422DD20A2F0B340299 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:54.0787 4644 tdx - ok
23:03:54.0803 4644 [ 9A927FC5727F03F50602A260A1D6D7C2 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:03:54.0829 4644 TermDD - ok
23:03:54.0869 4644 [ F7ED85BE8F0C4F6B24FB3D687F80A762 ] TermService C:\Windows\System32\termsrv.dll
23:03:54.0939 4644 TermService - ok
23:03:54.0972 4644 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:03:55.0008 4644 Themes - ok
23:03:55.0018 4644 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:55.0075 4644 THREADORDER - ok
23:03:55.0098 4644 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:03:55.0165 4644 TrkWks - ok
23:03:55.0214 4644 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:55.0265 4644 TrustedInstaller - ok
23:03:55.0294 4644 [ 9DFF45630DF6E13B48BC01B8E799A781 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:55.0341 4644 tssecsrv - ok
23:03:55.0399 4644 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:55.0466 4644 tunnel - ok
23:03:55.0496 4644 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:03:55.0522 4644 uagp35 - ok
23:03:55.0553 4644 [ 6557D75E8B7D6A06CDC21CD39DBF255C ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:55.0588 4644 udfs - ok
23:03:55.0627 4644 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:55.0675 4644 UI0Detect - ok
23:03:55.0711 4644 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
23:03:55.0737 4644 uliagpkx - ok
23:03:55.0761 4644 [ 71BBF3E8078D585ABF27411A8986EB95 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:03:55.0787 4644 umbus - ok
23:03:55.0808 4644 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:03:55.0845 4644 UmPass - ok
23:03:55.0874 4644 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
23:03:55.0908 4644 UmRdpService - ok
23:03:55.0936 4644 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:03:55.0997 4644 upnphost - ok
23:03:56.0025 4644 [ 5C233AEFB566EE78C1EFBC0493FB066A ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:56.0066 4644 usbccgp - ok
23:03:56.0099 4644 [ 6EB45C02E2C8A5DBF9A119F76AE9BD95 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:03:56.0147 4644 usbcir - ok
23:03:56.0170 4644 [ 5B71019A6ACA0116FD21B368F19C0B91 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:03:56.0202 4644 usbehci - ok
23:03:56.0238 4644 [ 5823D3965C2A4F6F785ED1A3B403F3B8 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:56.0269 4644 usbhub - ok
23:03:56.0289 4644 [ E753ED6C49DA13967EBABF9EA616454A ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:03:56.0315 4644 usbohci - ok
23:03:56.0364 4644 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:56.0412 4644 usbprint - ok
23:03:56.0449 4644 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:03:56.0493 4644 usbscan - ok
23:03:56.0514 4644 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:56.0557 4644 USBSTOR - ok
23:03:56.0576 4644 [ 6A30928A469CE802600E1EA8C0F2F53F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:03:56.0614 4644 usbuhci - ok
23:03:56.0656 4644 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:03:56.0697 4644 usbvideo - ok
23:03:56.0740 4644 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:03:56.0808 4644 UxSms - ok
23:03:56.0818 4644 [ A6034689ACF9D14973F8384AD5A5451E ] VaultSvc C:\Windows\system32\lsass.exe
23:03:56.0849 4644 VaultSvc - ok
23:03:56.0880 4644 [ 1CDAA48CB2F7744B8D25650E050766A5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
23:03:56.0911 4644 VClone - ok
23:03:56.0941 4644 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
23:03:56.0966 4644 vdrvroot - ok
23:03:57.0001 4644 [ 37E65C096633C95004628FA4B9518515 ] vds C:\Windows\System32\vds.exe
23:03:57.0053 4644 vds - ok
23:03:57.0080 4644 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:57.0110 4644 vga - ok
23:03:57.0134 4644 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:03:57.0187 4644 VgaSave - ok
23:03:57.0213 4644 [ 2FD298650B5739DD59D21CE5DDACA031 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
23:03:57.0244 4644 vhdmp - ok
23:03:57.0278 4644 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
23:03:57.0304 4644 viaagp - ok
23:03:57.0314 4644 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:03:57.0365 4644 ViaC7 - ok
23:03:57.0387 4644 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
23:03:57.0414 4644 viaide - ok
23:03:57.0432 4644 [ CDFD6BA00B8859FBEEB1BCE0F150DE68 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
23:03:57.0463 4644 vmbus - ok
23:03:57.0472 4644 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
23:03:57.0502 4644 VMBusHID - ok
23:03:57.0517 4644 [ 2C78240E17CE3599446F978B9580D31E ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
23:03:57.0547 4644 volmgr - ok
23:03:57.0569 4644 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:03:57.0606 4644 volmgrx - ok
23:03:57.0631 4644 [ F09688701E36722B4C1560456F481285 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
23:03:57.0664 4644 volsnap - ok
23:03:57.0700 4644 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:03:57.0728 4644 vsmraid - ok
23:03:57.0787 4644 [ 90061E9E9CBB70E64D94643B848D949C ] VSS C:\Windows\system32\vssvc.exe
23:03:57.0854 4644 VSS - ok
23:03:57.0950 4644 [ 50D3941555FEFDF46424431702EC5FB6 ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
23:03:58.0020 4644 vToolbarUpdater14.0.1 - ok
23:03:58.0045 4644 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:03:58.0087 4644 vwifibus - ok
23:03:58.0149 4644 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:03:58.0184 4644 vwififlt - ok
23:03:58.0218 4644 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:03:58.0250 4644 vwifimp - ok
23:03:58.0287 4644 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:03:58.0363 4644 W32Time - ok
23:03:58.0387 4644 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:03:58.0415 4644 WacomPen - ok
23:03:58.0444 4644 [ DB3B1965C2FB1476D95E413C3B7CACBB ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:03:58.0470 4644 WANARP - ok
23:03:58.0477 4644 [ DB3B1965C2FB1476D95E413C3B7CACBB ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:03:58.0504 4644 Wanarpv6 - ok
23:03:58.0592 4644 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:03:58.0676 4644 WatAdminSvc - ok
23:03:58.0737 4644 [ ED6F570C5F6F82DA5BE4F92F9CECE521 ] wbengine C:\Windows\system32\wbengine.exe
23:03:58.0822 4644 wbengine - ok
23:03:58.0863 4644 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:03:58.0934 4644 WbioSrvc - ok
23:03:58.0973 4644 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:03:59.0025 4644 wcncsvc - ok
23:03:59.0041 4644 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:03:59.0090 4644 WcsPlugInService - ok
23:03:59.0131 4644 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:03:59.0156 4644 Wd - ok
23:03:59.0206 4644 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:03:59.0265 4644 Wdf01000 - ok
23:03:59.0280 4644 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:03:59.0330 4644 WdiServiceHost - ok
23:03:59.0337 4644 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:03:59.0380 4644 WdiSystemHost - ok
23:03:59.0408 4644 [ 208F15BC4432E93942AD6819C4591F37 ] WebClient C:\Windows\System32\webclnt.dll
23:03:59.0460 4644 WebClient - ok
23:03:59.0489 4644 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:03:59.0551 4644 Wecsvc - ok
23:03:59.0567 4644 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:03:59.0623 4644 wercplsupport - ok
23:03:59.0651 4644 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:03:59.0710 4644 WerSvc - ok
23:03:59.0745 4644 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:59.0813 4644 WfpLwf - ok
23:03:59.0841 4644 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:03:59.0867 4644 WIMMount - ok
23:03:59.0962 4644 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:04:00.0034 4644 WinDefend - ok
23:04:00.0051 4644 WinHttpAutoProxySvc - ok
23:04:00.0114 4644 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:04:00.0145 4644 Winmgmt - ok
23:04:00.0204 4644 [ E85BF88FE9C022C1277D775BA880A4D5 ] WinRM C:\Windows\system32\WsmSvc.dll
23:04:00.0343 4644 WinRM - ok
23:04:00.0501 4644 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:04:00.0574 4644 Wlansvc - ok
23:04:00.0611 4644 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:04:00.0654 4644 WmiAcpi - ok
23:04:00.0691 4644 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:04:00.0722 4644 wmiApSrv - ok
23:04:00.0836 4644 [ 923E653FF9049CE9544523C0D67B3D63 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:04:00.0916 4644 WMPNetworkSvc - ok
23:04:00.0945 4644 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:04:00.0992 4644 WPCSvc - ok
23:04:01.0014 4644 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:04:01.0063 4644 WPDBusEnum - ok
23:04:01.0093 4644 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:04:01.0161 4644 ws2ifsl - ok
23:04:01.0213 4644 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
23:04:01.0263 4644 wscsvc - ok
23:04:01.0271 4644 WSearch - ok
23:04:01.0315 4644 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:04:01.0342 4644 WudfPf - ok
23:04:01.0366 4644 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:04:01.0411 4644 WUDFRd - ok
23:04:01.0450 4644 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:04:01.0490 4644 wudfsvc - ok
23:04:01.0532 4644 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:04:01.0579 4644 WwanSvc - ok
23:04:01.0647 4644 [ CE0C846127D6ABB1E2A22E59682B2527 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
23:04:01.0699 4644 xnacc - ok
23:04:01.0740 4644 ================ Scan global ===============================
23:04:01.0768 4644 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
23:04:01.0810 4644 [ 27CF1AB64FEA3B11036BD8138F9895AA ] C:\Windows\system32\winsrv.dll
23:04:01.0832 4644 [ 27CF1AB64FEA3B11036BD8138F9895AA ] C:\Windows\system32\winsrv.dll
23:04:01.0862 4644 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:04:01.0887 4644 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:04:01.0896 4644 [Global] - ok
23:04:01.0897 4644 ================ Scan MBR ==================================
23:04:01.0920 4644 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:04:02.0548 4644 \Device\Harddisk0\DR0 - ok
23:04:02.0549 4644 ================ Scan VBR ==================================
23:04:02.0555 4644 [ CA27515A0488694713FF59DB843303A4 ] \Device\Harddisk0\DR0\Partition1
23:04:02.0557 4644 \Device\Harddisk0\DR0\Partition1 - ok
23:04:02.0590 4644 [ 713CB735DCFDC7687FAAA341871ED455 ] \Device\Harddisk0\DR0\Partition2
23:04:02.0592 4644 \Device\Harddisk0\DR0\Partition2 - ok
23:04:02.0594 4644 ============================================================
23:04:02.0594 4644 Scan finished
23:04:02.0594 4644 ============================================================
23:04:02.0621 2584 Detected object count: 8
23:04:02.0621 2584 Actual detected object count: 8
23:05:16.0387 2584 Angelnt ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0387 2584 Angelnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0388 2584 CSC ( Virus.Win32.ZAccess.aml ) - skipped by user
23:05:16.0388 2584 CSC ( Virus.Win32.ZAccess.aml ) - User select action: Skip
23:05:16.0393 2584 DynCal ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0393 2584 DynCal ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0399 2584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0399 2584 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0404 2584 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0404 2584 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0409 2584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0409 2584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0418 2584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0418 2584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:05:16.0421 2584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:05:16.0421 2584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Udelejte znovu sken ale u polozky CSC ( Virus.Win32.ZAccess.aml ) dejte\ponechte Cure

Spravil som znovu sken a ponechal pri položke CSC ( Virus.Win32.ZAccess.aml ) - Cure

pripajam log , aplikacia mi ponukla možnosť reboot computer.....mám to urobiť?

23:18:33.0142 6016 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:18:33.0339 6016 ============================================================
23:18:33.0339 6016 Current date / time: 2013/01/31 23:18:33.0339
23:18:33.0339 6016 SystemInfo:
23:18:33.0339 6016
23:18:33.0339 6016 OS Version: 6.1.7600 ServicePack: 0.0
23:18:33.0339 6016 Product type: Workstation
23:18:33.0339 6016 ComputerName: JOHNY-PC
23:18:33.0339 6016 UserName: johny
23:18:33.0339 6016 Windows directory: C:\Windows
23:18:33.0339 6016 System windows directory: C:\Windows
23:18:33.0339 6016 Processor architecture: Intel x86
23:18:33.0339 6016 Number of processors: 2
23:18:33.0339 6016 Page size: 0x1000
23:18:33.0339 6016 Boot type: Normal boot
23:18:33.0339 6016 ============================================================
23:18:34.0966 6016 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:18:34.0969 6016 ============================================================
23:18:34.0969 6016 \Device\Harddisk0\DR0:
23:18:34.0969 6016 MBR partitions:
23:18:34.0969 6016 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFF5219A
23:18:34.0969 6016 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFF521D9, BlocksNum 0x2A432A68
23:18:34.0969 6016 ============================================================
23:18:34.0991 6016 C: <-> \Device\Harddisk0\DR0\Partition1
23:18:35.0017 6016 D: <-> \Device\Harddisk0\DR0\Partition2
23:18:35.0017 6016 ============================================================
23:18:35.0017 6016 Initialize success
23:18:35.0017 6016 ============================================================
23:18:42.0195 4480 ============================================================
23:18:42.0195 4480 Scan started
23:18:42.0195 4480 Mode: Manual; SigCheck; TDLFS;
23:18:42.0195 4480 ============================================================
23:18:42.0774 4480 ================ Scan system memory ========================
23:18:42.0774 4480 System memory - ok
23:18:42.0775 4480 ================ Scan services =============================
23:18:42.0955 4480 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
23:18:43.0045 4480 !SASCORE - ok
23:18:43.0209 4480 [ 04DAA77E1E752109AEA17BEEF16E6EBF ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
23:18:43.0245 4480 1394ohci - ok
23:18:43.0271 4480 [ 4984C69B47AEDEBEF33EB90572160D30 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
23:18:43.0301 4480 ACPI - ok
23:18:43.0330 4480 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
23:18:43.0362 4480 AcpiPmi - ok
23:18:43.0460 4480 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:18:43.0489 4480 AdobeFlashPlayerUpdateSvc - ok
23:18:43.0529 4480 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:18:43.0565 4480 adp94xx - ok
23:18:43.0599 4480 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:18:43.0630 4480 adpahci - ok
23:18:43.0655 4480 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:18:43.0682 4480 adpu320 - ok
23:18:43.0721 4480 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:18:43.0758 4480 AeLookupSvc - ok
23:18:43.0826 4480 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
23:18:43.0858 4480 AFD - ok
23:18:43.0890 4480 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
23:18:43.0914 4480 agp440 - ok
23:18:43.0939 4480 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
23:18:43.0966 4480 aic78xx - ok
23:18:44.0013 4480 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
23:18:44.0040 4480 ALG - ok
23:18:44.0061 4480 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
23:18:44.0085 4480 aliide - ok
23:18:44.0124 4480 [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:18:44.0157 4480 AMD External Events Utility - ok
23:18:44.0172 4480 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
23:18:44.0197 4480 amdagp - ok
23:18:44.0212 4480 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
23:18:44.0236 4480 amdide - ok
23:18:44.0272 4480 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:18:44.0300 4480 AmdK8 - ok
23:18:44.0310 4480 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:18:44.0338 4480 AmdPPM - ok
23:18:44.0385 4480 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:18:44.0411 4480 amdsata - ok
23:18:44.0429 4480 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:18:44.0457 4480 amdsbs - ok
23:18:44.0479 4480 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:18:44.0503 4480 amdxata - ok
23:18:44.0553 4480 [ 4A8CB8FEA9DCB6F93017F413E2646001 ] Angelnt C:\Windows\System32\Drivers\ANGELNT.SYS
23:18:44.0564 4480 Angelnt ( UnsignedFile.Multi.Generic ) - warning
23:18:44.0564 4480 Angelnt - detected UnsignedFile.Multi.Generic (1)
23:18:44.0598 4480 [ A1136E9BEE592DF0814DBD2FA5695973 ] AppID C:\Windows\system32\drivers\appid.sys
23:18:44.0623 4480 AppID - ok
23:18:44.0652 4480 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:18:44.0680 4480 AppIDSvc - ok
23:18:44.0701 4480 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
23:18:44.0732 4480 Appinfo - ok
23:18:44.0804 4480 [ 592F7AE254995274E166EEC95C28F551 ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
23:18:44.0847 4480 Application Updater - ok
23:18:44.0870 4480 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
23:18:44.0898 4480 AppMgmt - ok
23:18:44.0932 4480 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:18:44.0957 4480 arc - ok
23:18:44.0984 4480 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:18:45.0009 4480 arcsas - ok
23:18:45.0036 4480 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:18:45.0089 4480 AsyncMac - ok
23:18:45.0123 4480 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
23:18:45.0148 4480 atapi - ok
23:18:45.0314 4480 [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:18:45.0450 4480 atikmdag - ok
23:18:45.0520 4480 [ 3D487F48CAF2C75CC7185ED34A4894C1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:18:45.0555 4480 AudioEndpointBuilder - ok
23:18:45.0597 4480 [ 3D487F48CAF2C75CC7185ED34A4894C1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:18:45.0631 4480 Audiosrv - ok
23:18:45.0674 4480 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
23:18:45.0708 4480 avgtp - ok
23:18:45.0767 4480 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:18:45.0799 4480 AxInstSV - ok
23:18:45.0842 4480 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
23:18:45.0875 4480 b06bdrv - ok
23:18:45.0903 4480 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:18:45.0933 4480 b57nd60x - ok
23:18:45.0959 4480 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
23:18:45.0987 4480 BDESVC - ok
23:18:46.0000 4480 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
23:18:46.0051 4480 Beep - ok
23:18:46.0098 4480 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
23:18:46.0135 4480 BFE - ok
23:18:46.0151 4480 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:18:46.0178 4480 blbdrive - ok
23:18:46.0211 4480 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:18:46.0238 4480 bowser - ok
23:18:46.0260 4480 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:18:46.0288 4480 BrFiltLo - ok
23:18:46.0298 4480 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:18:46.0328 4480 BrFiltUp - ok
23:18:46.0368 4480 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
23:18:46.0397 4480 Browser - ok
23:18:46.0421 4480 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:18:46.0452 4480 Brserid - ok
23:18:46.0477 4480 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:18:46.0510 4480 BrSerWdm - ok
23:18:46.0528 4480 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:18:46.0558 4480 BrUsbMdm - ok
23:18:46.0578 4480 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:18:46.0607 4480 BrUsbSer - ok
23:18:46.0621 4480 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:18:46.0651 4480 BTHMODEM - ok
23:18:46.0679 4480 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
23:18:46.0732 4480 bthserv - ok
23:18:46.0761 4480 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:18:46.0813 4480 cdfs - ok
23:18:46.0848 4480 [ BB63132C854BC53D2826F4D4B92C9C35 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:18:46.0879 4480 cdrom - ok
23:18:46.0909 4480 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
23:18:46.0965 4480 CertPropSvc - ok
23:18:47.0008 4480 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:18:47.0042 4480 circlass - ok
23:18:47.0069 4480 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
23:18:47.0102 4480 CLFS - ok
23:18:47.0161 4480 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:18:47.0184 4480 clr_optimization_v2.0.50727_32 - ok
23:18:47.0280 4480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:18:47.0308 4480 clr_optimization_v4.0.30319_32 - ok
23:18:47.0336 4480 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:18:47.0367 4480 CmBatt - ok
23:18:47.0390 4480 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
23:18:47.0415 4480 cmdide - ok
23:18:47.0452 4480 [ F1D4C07CACFB4D1A1A7B06493F4F4EF4 ] CNG C:\Windows\system32\Drivers\cng.sys
23:18:47.0496 4480 CNG - ok
23:18:47.0534 4480 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:18:47.0562 4480 Compbatt - ok
23:18:47.0588 4480 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:18:47.0619 4480 CompositeBus - ok
23:18:47.0669 4480 COMSysApp - ok
23:18:47.0699 4480 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:18:47.0747 4480 crcdisk - ok
23:18:47.0822 4480 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:18:47.0845 4480 CryptSvc - ok
23:18:47.0874 4480 [ 149A72B731B29557BE1CD2AC99039688 ] CSC C:\Windows\system32\drivers\csc.sys
23:18:47.0878 4480 Suspicious file (Forged): C:\Windows\system32\drivers\csc.sys. Real md5: 149A72B731B29557BE1CD2AC99039688, Fake md5: 89385BE480B225C72E2B8E84D5E00426
23:18:47.0883 4480 CSC ( Virus.Win32.ZAccess.aml ) - infected
23:18:47.0883 4480 CSC - detected Virus.Win32.ZAccess.aml (0)
23:18:47.0969 4480 [ 340C7FB0942F80D785E4FB2FC1B1FF14 ] CscService C:\Windows\System32\cscsvc.dll
23:18:48.0000 4480 CscService - ok
23:18:48.0048 4480 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
23:18:48.0115 4480 DcomLaunch - ok
23:18:48.0156 4480 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
23:18:48.0245 4480 defragsvc - ok
23:18:48.0281 4480 [ 886E8C1608146CC355DDD455F5C8DD87 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:18:48.0311 4480 DfsC - ok
23:18:48.0349 4480 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:18:48.0389 4480 Dhcp - ok
23:18:48.0405 4480 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
23:18:48.0462 4480 discache - ok
23:18:48.0505 4480 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:18:48.0533 4480 Disk - ok
23:18:48.0569 4480 [ B3A0A4414D8EC1DD28018004CE8DCBEE ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:18:48.0599 4480 Dnscache - ok
23:18:48.0632 4480 [ F72EF8E6BE6D41691A23F2F07D3E1682 ] dot3svc C:\Windows\System32\dot3svc.dll
23:18:48.0665 4480 dot3svc - ok
23:18:48.0726 4480 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:18:48.0760 4480 Dot4 - ok
23:18:48.0818 4480 [ C25FEA07A8E7767E8B89AB96A3B96519 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:18:48.0847 4480 Dot4Print - ok
23:18:48.0906 4480 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:18:48.0937 4480 dot4usb - ok
23:18:48.0987 4480 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
23:18:49.0047 4480 DPS - ok
23:18:49.0078 4480 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:18:49.0106 4480 drmkaud - ok
23:18:49.0151 4480 [ 7F4D13F3F468F8EC3C698A154AC52C93 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:18:49.0194 4480 DXGKrnl - ok
23:18:49.0243 4480 [ 1D995CF2789E2844FC538C540E8563DE ] DynCal C:\Windows\system32\drivers\Dyncal.sys
23:18:49.0255 4480 DynCal ( UnsignedFile.Multi.Generic ) - warning
23:18:49.0255 4480 DynCal - detected UnsignedFile.Multi.Generic (1)
23:18:49.0323 4480 [ C73D90A437907C2398D32CCE618FE808 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
23:18:49.0346 4480 eamonm - ok
23:18:49.0401 4480 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
23:18:49.0455 4480 EapHost - ok
23:18:49.0562 4480 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
23:18:49.0652 4480 ebdrv - ok
23:18:49.0733 4480 [ A6034689ACF9D14973F8384AD5A5451E ] EFS C:\Windows\System32\lsass.exe
23:18:49.0762 4480 EFS - ok
23:18:49.0812 4480 [ 4F72DD48A2ED63A57C1210228A472020 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
23:18:49.0832 4480 ehdrv - ok
23:18:49.0897 4480 [ BC667D6C0A8A857CABA77818F1A953FD ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:18:49.0935 4480 ehRecvr - ok
23:18:49.0961 4480 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
23:18:49.0991 4480 ehSched - ok
23:18:50.0091 4480 [ E95AB781773870BD68ABE1AE1B57A8AC ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
23:18:50.0150 4480 ekrn - ok
23:18:50.0195 4480 [ 178CC9403816C082D22A1D47FA1F9C85 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:18:50.0218 4480 ElbyCDIO - ok
23:18:50.0259 4480 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:18:50.0295 4480 elxstor - ok
23:18:50.0348 4480 [ 0C0C50813FC59C145B604B1DCCFFB377 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
23:18:50.0371 4480 epfw - ok
23:18:50.0401 4480 [ A047420F4A55C1695A46468341558136 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
23:18:50.0421 4480 EpfwLWF - ok
23:18:50.0461 4480 [ 0C42AA79B74E0454465FAA2D28A5B980 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
23:18:50.0478 4480 epfwwfp - ok
23:18:50.0501 4480 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
23:18:50.0527 4480 ErrDev - ok
23:18:50.0570 4480 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
23:18:50.0627 4480 EventSystem - ok
23:18:50.0682 4480 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
23:18:50.0717 4480 ew_hwusbdev - ok
23:18:50.0745 4480 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
23:18:50.0799 4480 exfat - ok
23:18:50.0822 4480 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:18:50.0876 4480 fastfat - ok
23:18:50.0913 4480 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
23:18:50.0950 4480 Fax - ok
23:18:50.0961 4480 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:18:50.0990 4480 fdc - ok
23:18:51.0013 4480 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
23:18:51.0066 4480 fdPHost - ok
23:18:51.0088 4480 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
23:18:51.0143 4480 FDResPub - ok
23:18:51.0166 4480 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:18:51.0191 4480 FileInfo - ok
23:18:51.0211 4480 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:18:51.0262 4480 Filetrace - ok
23:18:51.0273 4480 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:18:51.0300 4480 flpydisk - ok
23:18:51.0320 4480 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:18:51.0348 4480 FltMgr - ok
23:18:51.0389 4480 [ D76CFBF028DCC4B6FA287CAA3DA29D78 ] FontCache C:\Windows\system32\FntCache.dll
23:18:51.0433 4480 FontCache - ok
23:18:51.0482 4480 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:18:51.0501 4480 FontCache3.0.0.0 - ok
23:18:51.0523 4480 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:18:51.0547 4480 FsDepends - ok
23:18:51.0563 4480 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:18:51.0586 4480 Fs_Rec - ok
23:18:51.0619 4480 [ 0C0386C5B33812BE2E7188E5E82621DC ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:18:51.0655 4480 fvevol - ok
23:18:51.0682 4480 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:18:51.0708 4480 gagp30kx - ok
23:18:51.0749 4480 [ 161670809D3F25A464C4B67FEA088F57 ] gpsvc C:\Windows\System32\gpsvc.dll
23:18:51.0788 4480 gpsvc - ok
23:18:51.0866 4480 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:18:51.0886 4480 gupdate - ok
23:18:51.0895 4480 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:18:51.0918 4480 gupdatem - ok
23:18:51.0950 4480 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
23:18:51.0968 4480 hamachi - ok
23:18:51.0992 4480 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:18:52.0019 4480 hcw85cir - ok
23:18:52.0061 4480 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:18:52.0097 4480 HdAudAddService - ok
23:18:52.0123 4480 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:18:52.0153 4480 HDAudBus - ok
23:18:52.0164 4480 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:18:52.0192 4480 HidBatt - ok
23:18:52.0207 4480 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:18:52.0239 4480 HidBth - ok
23:18:52.0265 4480 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:18:52.0295 4480 HidIr - ok
23:18:52.0325 4480 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
23:18:52.0378 4480 hidserv - ok
23:18:52.0413 4480 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:18:52.0439 4480 HidUsb - ok
23:18:52.0456 4480 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:18:52.0512 4480 hkmsvc - ok
23:18:52.0530 4480 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:18:52.0564 4480 HomeGroupListener - ok
23:18:52.0598 4480 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:18:52.0629 4480 HomeGroupProvider - ok
23:18:52.0786 4480 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:18:52.0801 4480 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:18:52.0801 4480 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:18:52.0847 4480 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:18:52.0858 4480 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:18:52.0859 4480 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:18:52.0878 4480 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
23:18:52.0903 4480 HpSAMD - ok
23:18:53.0018 4480 [ 79737E0F7D25DE8405CB34D4C9882253 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:18:53.0046 4480 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
23:18:53.0046 4480 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
23:18:53.0098 4480 [ 33BD3B302AAF1BAE758B1A73D0279972 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:18:53.0137 4480 HTTP - ok
23:18:53.0178 4480 [ B93F069ECDF7449EAAC5B887D59A23D1 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
23:18:53.0205 4480 huawei_cdcacm - ok
23:18:53.0231 4480 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
23:18:53.0257 4480 huawei_enumerator - ok
23:18:53.0303 4480 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:18:53.0328 4480 hwpolicy - ok
23:18:53.0368 4480 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:18:53.0400 4480 i8042prt - ok
23:18:53.0442 4480 [ B9039A34C2F8769490DCC494E2402445 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:18:53.0477 4480 iaStorV - ok
23:18:53.0533 4480 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:18:53.0576 4480 idsvc - ok
23:18:53.0606 4480 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:18:53.0630 4480 iirsp - ok
23:18:53.0696 4480 [ 259CC9088CBAC6571478428B03B50FED ] IKEEXT C:\Windows\System32\ikeext.dll
23:18:53.0737 4480 IKEEXT - ok
23:18:53.0776 4480 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
23:18:53.0800 4480 intelide - ok
23:18:53.0825 4480 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:18:53.0853 4480 intelppm - ok
23:18:53.0878 4480 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:18:53.0931 4480 IPBusEnum - ok
23:18:53.0949 4480 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:18:54.0001 4480 IpFilterDriver - ok
23:18:54.0042 4480 [ F610F234638F0F42B55E0FE268033FA8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:18:54.0080 4480 iphlpsvc - ok
23:18:54.0093 4480 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:18:54.0121 4480 IPMIDRV - ok
23:18:54.0133 4480 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:18:54.0189 4480 IPNAT - ok
23:18:54.0211 4480 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:18:54.0242 4480 IRENUM - ok
23:18:54.0278 4480 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
23:18:54.0302 4480 isapnp - ok
23:18:54.0328 4480 [ BB1B120FED24D379A9D523EB27F78953 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:18:54.0360 4480 iScsiPrt - ok
23:18:54.0384 4480 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:18:54.0411 4480 kbdclass - ok
23:18:54.0439 4480 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:18:54.0467 4480 kbdhid - ok
23:18:54.0488 4480 [ A6034689ACF9D14973F8384AD5A5451E ] KeyIso C:\Windows\system32\lsass.exe
23:18:54.0518 4480 KeyIso - ok
23:18:54.0555 4480 [ 5A07985C21039E42AC014853B7CD5A05 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:18:54.0581 4480 KSecDD - ok
23:18:54.0612 4480 [ C6D3E16C897C88BF65949B49CE58DD83 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:18:54.0638 4480 KSecPkg - ok
23:18:54.0666 4480 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
23:18:54.0729 4480 KtmRm - ok
23:18:54.0764 4480 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
23:18:54.0796 4480 LanmanServer - ok
23:18:54.0821 4480 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:18:54.0885 4480 LanmanWorkstation - ok
23:18:54.0920 4480 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:18:54.0973 4480 lltdio - ok
23:18:55.0006 4480 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:18:55.0062 4480 lltdsvc - ok
23:18:55.0087 4480 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:18:55.0141 4480 lmhosts - ok
23:18:55.0179 4480 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:18:55.0206 4480 LSI_FC - ok
23:18:55.0228 4480 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:18:55.0254 4480 LSI_SAS - ok
23:18:55.0277 4480 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:18:55.0303 4480 LSI_SAS2 - ok
23:18:55.0325 4480 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:18:55.0352 4480 LSI_SCSI - ok
23:18:55.0395 4480 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:18:55.0450 4480 luafv - ok
23:18:55.0469 4480 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:18:55.0500 4480 Mcx2Svc - ok
23:18:55.0521 4480 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:18:55.0546 4480 megasas - ok
23:18:55.0574 4480 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:18:55.0605 4480 MegaSR - ok
23:18:55.0689 4480 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:18:55.0712 4480 Microsoft Office Groove Audit Service - ok
23:18:55.0727 4480 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:18:55.0783 4480 MMCSS - ok
23:18:55.0809 4480 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:18:55.0862 4480 Modem - ok
23:18:55.0892 4480 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:18:55.0921 4480 monitor - ok
23:18:55.0951 4480 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:18:55.0976 4480 mouclass - ok
23:18:56.0000 4480 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:18:56.0026 4480 mouhid - ok
23:18:56.0043 4480 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:18:56.0068 4480 mountmgr - ok
23:18:56.0110 4480 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:18:56.0135 4480 MozillaMaintenance - ok
23:18:56.0152 4480 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:18:56.0181 4480 mpio - ok
23:18:56.0205 4480 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:18:56.0253 4480 mpsdrv - ok
23:18:56.0303 4480 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
23:18:56.0368 4480 MpsSvc - ok
23:18:56.0392 4480 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:18:56.0428 4480 MRxDAV - ok
23:18:56.0453 4480 [ AE6248D356C6C1DE1623F0610B7FB0A3 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:18:56.0480 4480 mrxsmb - ok
23:18:56.0508 4480 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:18:56.0537 4480 mrxsmb10 - ok
23:18:56.0560 4480 [ 05FCF029FB6915DF707222D3806C760A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:18:56.0587 4480 mrxsmb20 - ok
23:18:56.0605 4480 [ 0ED67F9A46BCF83092AE8691E3459C32 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:18:56.0630 4480 msahci - ok
23:18:56.0671 4480 [ C575749358DE482326943BDDF0BEB64B ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:18:56.0697 4480 msdsm - ok
23:18:56.0721 4480 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:18:56.0753 4480 MSDTC - ok
23:18:56.0803 4480 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:18:56.0859 4480 Msfs - ok
23:18:56.0877 4480 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:18:56.0931 4480 mshidkmdf - ok
23:18:56.0944 4480 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:18:56.0971 4480 msisadrv - ok
23:18:57.0017 4480 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:18:57.0079 4480 MSiSCSI - ok
23:18:57.0089 4480 msiserver - ok
23:18:57.0113 4480 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:18:57.0171 4480 MSKSSRV - ok
23:18:57.0192 4480 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:18:57.0248 4480 MSPCLOCK - ok
23:18:57.0273 4480 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:18:57.0329 4480 MSPQM - ok
23:18:57.0349 4480 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:18:57.0380 4480 MsRPC - ok
23:18:57.0405 4480 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:18:57.0432 4480 mssmbios - ok
23:18:57.0443 4480 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:18:57.0495 4480 MSTEE - ok
23:18:57.0519 4480 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:18:57.0546 4480 MTConfig - ok
23:18:57.0562 4480 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:18:57.0586 4480 Mup - ok
23:18:57.0617 4480 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
23:18:57.0682 4480 napagent - ok
23:18:57.0730 4480 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:18:57.0768 4480 NativeWifiP - ok
23:18:57.0845 4480 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
23:18:57.0888 4480 NBService - ok
23:18:57.0942 4480 [ 3CB507AB001DFFACA301CFE177631CCC ] NDIS C:\Windows\system32\drivers\ndis.sys
23:18:57.0987 4480 NDIS - ok
23:18:58.0011 4480 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:18:58.0070 4480 NdisCap - ok
23:18:58.0094 4480 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:18:58.0123 4480 NdisTapi - ok
23:18:58.0157 4480 [ BF6D06B889915B252333EE887479C5AC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:18:58.0185 4480 Ndisuio - ok
23:18:58.0221 4480 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:18:58.0277 4480 NdisWan - ok
23:18:58.0296 4480 [ F49FEF57E1828E243679F1E9A0B5F291 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:18:58.0321 4480 NDProxy - ok
23:18:58.0378 4480 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:18:58.0389 4480 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:18:58.0389 4480 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:18:58.0413 4480 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:18:58.0439 4480 NetBIOS - ok
23:18:58.0464 4480 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:18:58.0520 4480 NetBT - ok
23:18:58.0543 4480 [ A6034689ACF9D14973F8384AD5A5451E ] Netlogon C:\Windows\system32\lsass.exe
23:18:58.0571 4480 Netlogon - ok
23:18:58.0610 4480 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:18:58.0676 4480 Netman - ok
23:18:58.0699 4480 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:18:58.0762 4480 netprofm - ok
23:18:58.0795 4480 [ 652881F65B35564575255A0E05E23C55 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys
23:18:58.0839 4480 netr28 - ok
23:18:58.0868 4480 [ C53BDF5C777386C96ADE3FD3DDF01A88 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:18:58.0889 4480 NetTcpPortSharing - ok
23:18:58.0929 4480 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:18:58.0953 4480 nfrd960 - ok
23:18:58.0982 4480 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
23:18:59.0042 4480 NlaSvc - ok
23:18:59.0102 4480 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
23:18:59.0127 4480 NMIndexingService - ok
23:18:59.0149 4480 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:18:59.0208 4480 Npfs - ok
23:18:59.0226 4480 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:18:59.0282 4480 nsi - ok
23:18:59.0303 4480 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:18:59.0356 4480 nsiproxy - ok
23:18:59.0419 4480 [ 72D1BB12770F86033C73E288CD8E3869 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:18:59.0478 4480 Ntfs - ok
23:18:59.0506 4480 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:18:59.0559 4480 Null - ok
23:18:59.0589 4480 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:18:59.0615 4480 nvraid - ok
23:18:59.0632 4480 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:18:59.0662 4480 nvstor - ok
23:18:59.0685 4480 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:18:59.0714 4480 nv_agp - ok
23:18:59.0781 4480 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:18:59.0812 4480 odserv - ok
23:18:59.0835 4480 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:18:59.0862 4480 ohci1394 - ok
23:18:59.0898 4480 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:18:59.0921 4480 ose - ok
23:18:59.0960 4480 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:18:59.0998 4480 p2pimsvc - ok
23:19:00.0038 4480 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:19:00.0074 4480 p2psvc - ok
23:19:00.0108 4480 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:19:00.0136 4480 Parport - ok
23:19:00.0168 4480 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:19:00.0194 4480 partmgr - ok
23:19:00.0216 4480 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:19:00.0249 4480 Parvdm - ok
23:19:00.0282 4480 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:19:00.0320 4480 PcaSvc - ok
23:19:00.0339 4480 [ 5B154C69B2940B91B93D7AC4266810E2 ] pci C:\Windows\system32\DRIVERS\pci.sys
23:19:00.0367 4480 pci - ok
23:19:00.0398 4480 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:19:00.0421 4480 pciide - ok
23:19:00.0433 4480 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:19:00.0467 4480 pcmcia - ok
23:19:00.0489 4480 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:19:00.0516 4480 pcw - ok
23:19:00.0551 4480 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:19:00.0618 4480 PEAUTH - ok
23:19:00.0666 4480 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:19:00.0723 4480 PeerDistSvc - ok
23:19:00.0952 4480 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
23:19:01.0050 4480 pla - ok
23:19:01.0106 4480 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:19:01.0149 4480 PlugPlay - ok
23:19:01.0199 4480 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:19:01.0214 4480 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:19:01.0214 4480 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:19:01.0240 4480 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:19:01.0277 4480 PNRPAutoReg - ok
23:19:01.0304 4480 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:19:01.0337 4480 PNRPsvc - ok
23:19:01.0385 4480 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:19:01.0446 4480 PolicyAgent - ok
23:19:01.0493 4480 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
23:19:01.0556 4480 Power - ok
23:19:01.0594 4480 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:19:01.0647 4480 PptpMiniport - ok
23:19:01.0663 4480 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:19:01.0691 4480 Processor - ok
23:19:01.0732 4480 [ DD71CFADB1D3EC1766628AE92C67D843 ] ProfSvc C:\Windows\system32\profsvc.dll
23:19:01.0764 4480 ProfSvc - ok
23:19:01.0787 4480 [ A6034689ACF9D14973F8384AD5A5451E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:19:01.0817 4480 ProtectedStorage - ok
23:19:01.0836 4480 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:19:01.0893 4480 Psched - ok
23:19:01.0945 4480 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:19:02.0010 4480 ql2300 - ok
23:19:02.0026 4480 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:19:02.0052 4480 ql40xx - ok
23:19:02.0087 4480 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:19:02.0129 4480 QWAVE - ok
23:19:02.0152 4480 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:19:02.0185 4480 QWAVEdrv - ok
23:19:02.0211 4480 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:19:02.0268 4480 RasAcd - ok
23:19:02.0282 4480 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:19:02.0310 4480 RasAgileVpn - ok
23:19:02.0340 4480 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:19:02.0396 4480 RasAuto - ok
23:19:02.0410 4480 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:19:02.0464 4480 Rasl2tp - ok
23:19:02.0525 4480 [ F86A88F786D134273FA92C8FC4D224DC ] RasMan C:\Windows\System32\rasmans.dll
23:19:02.0558 4480 RasMan - ok
23:19:02.0576 4480 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:19:02.0630 4480 RasPppoe - ok
23:19:02.0647 4480 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:19:02.0698 4480 RasSstp - ok
23:19:02.0729 4480 [ D0D5F258A906A9A7226D0CE648C62FD5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:19:02.0760 4480 rdbss - ok
23:19:02.0777 4480 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:19:02.0806 4480 rdpbus - ok
23:19:02.0825 4480 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:19:02.0876 4480 RDPCDD - ok
23:19:02.0900 4480 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:19:02.0930 4480 RDPDR - ok
23:19:02.0969 4480 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:19:03.0022 4480 RDPENCDD - ok
23:19:03.0047 4480 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:19:03.0096 4480 RDPREFMP - ok
23:19:03.0129 4480 [ 9A67F7B4939F6A3EC7464C07737682F6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:19:03.0162 4480 RDPWD - ok
23:19:03.0199 4480 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:19:03.0227 4480 rdyboost - ok
23:19:03.0264 4480 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:19:03.0293 4480 RemoteAccess - ok
23:19:03.0331 4480 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:19:03.0387 4480 RemoteRegistry - ok
23:19:03.0432 4480 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:19:03.0486 4480 RpcEptMapper - ok
23:19:03.0511 4480 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:19:03.0539 4480 RpcLocator - ok
23:19:03.0558 4480 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
23:19:03.0620 4480 RpcSs - ok
23:19:03.0667 4480 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:19:03.0721 4480 rspndr - ok
23:19:03.0739 4480 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
23:19:03.0767 4480 s3cap - ok
23:19:03.0787 4480 [ A6034689ACF9D14973F8384AD5A5451E ] SamSs C:\Windows\system32\lsass.exe
23:19:03.0815 4480 SamSs - ok
23:19:03.0898 4480 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:19:03.0917 4480 SASDIFSV - ok
23:19:03.0951 4480 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:19:03.0970 4480 SASKUTIL - ok
23:19:03.0999 4480 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:19:04.0024 4480 sbp2port - ok
23:19:04.0072 4480 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:19:04.0126 4480 SCardSvr - ok
23:19:04.0164 4480 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:19:04.0216 4480 scfilter - ok
23:19:04.0306 4480 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
23:19:04.0349 4480 Schedule - ok
23:19:04.0363 4480 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:19:04.0416 4480 SCPolicySvc - ok
23:19:04.0451 4480 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:19:04.0482 4480 SDRSVC - ok
23:19:04.0520 4480 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:19:04.0573 4480 secdrv - ok
23:19:04.0589 4480 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:19:04.0646 4480 seclogon - ok
23:19:04.0661 4480 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:19:04.0715 4480 SENS - ok
23:19:04.0734 4480 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:19:04.0767 4480 SensrSvc - ok
23:19:04.0790 4480 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:19:04.0820 4480 Serenum - ok
23:19:04.0835 4480 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:19:04.0867 4480 Serial - ok
23:19:04.0888 4480 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:19:04.0917 4480 sermouse - ok
23:19:04.0962 4480 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
23:19:05.0019 4480 SessionEnv - ok
23:19:05.0038 4480 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:19:05.0068 4480 sffdisk - ok
23:19:05.0079 4480 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:19:05.0108 4480 sffp_mmc - ok
23:19:05.0120 4480 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:19:05.0149 4480 sffp_sd - ok
23:19:05.0160 4480 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:19:05.0188 4480 sfloppy - ok
23:19:05.0241 4480 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:19:05.0303 4480 SharedAccess - ok
23:19:05.0327 4480 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:19:05.0368 4480 ShellHWDetection - ok
23:19:05.0385 4480 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
23:19:05.0413 4480 sisagp - ok
23:19:05.0452 4480 [ 6F0C643C7F49F2091B01D014EAE72E1A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys
23:19:05.0479 4480 SiSGbeLH - ok
23:19:05.0515 4480 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:19:05.0540 4480 SiSRaid2 - ok
23:19:05.0563 4480 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:19:05.0589 4480 SiSRaid4 - ok
23:19:05.0609 4480 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:19:05.0663 4480 Smb - ok
23:19:05.0719 4480 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:19:05.0751 4480 SNMPTRAP - ok
23:19:05.0771 4480 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:19:05.0797 4480 spldr - ok
23:19:05.0834 4480 [ 13B48314BF02091B30597DF20B71CBAC ] Spooler C:\Windows\System32\spoolsv.exe
23:19:05.0871 4480 Spooler - ok
23:19:05.0969 4480 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
23:19:06.0076 4480 sppsvc - ok
23:19:06.0101 4480 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:19:06.0156 4480 sppuinotify - ok
23:19:06.0213 4480 [ 110AD8CD36F173E917B1145950042B79 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:19:06.0245 4480 srv - ok
23:19:06.0299 4480 [ 0460A195747EC2CB8D07B9634E85D637 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:19:06.0332 4480 srv2 - ok
23:19:06.0359 4480 [ E461231D570586F158BECC94C342CBE0 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:19:06.0404 4480 srvnet - ok
23:19:06.0425 4480 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:19:06.0483 4480 SSDPSRV - ok
23:19:06.0501 4480 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:19:06.0558 4480 SstpSvc - ok
23:19:06.0591 4480 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:19:06.0616 4480 stexstor - ok
23:19:06.0657 4480 [ DE7E3BDC0D8645A0283BCD2F717C243D ] StiSvc C:\Windows\System32\wiaservc.dll
23:19:06.0697 4480 StiSvc - ok
23:19:06.0713 4480 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
23:19:06.0738 4480 storflt - ok
23:19:06.0771 4480 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
23:19:06.0797 4480 storvsc - ok
23:19:06.0819 4480 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:19:06.0844 4480 swenum - ok
23:19:06.0876 4480 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:19:06.0940 4480 swprv - ok
23:19:06.0988 4480 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
23:19:07.0048 4480 SysMain - ok
23:19:07.0071 4480 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:19:07.0102 4480 TabletInputService - ok
23:19:07.0135 4480 [ 16A6AB6FF5ADEFC778A306A21555C42E ] TapiSrv C:\Windows\System32\tapisrv.dll
23:19:07.0169 4480 TapiSrv - ok
23:19:07.0184 4480 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:19:07.0244 4480 TBS - ok
23:19:07.0303 4480 [ E47C2844A1605A44178F4281E4D58B3D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:19:07.0363 4480 Tcpip - ok
23:19:07.0415 4480 [ E47C2844A1605A44178F4281E4D58B3D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:19:07.0475 4480 TCPIP6 - ok
23:19:07.0509 4480 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:19:07.0565 4480 tcpipreg - ok
23:19:07.0590 4480 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:19:07.0618 4480 TDPIPE - ok
23:19:07.0661 4480 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:19:07.0687 4480 TDTCP - ok
23:19:07.0718 4480 [ 3CE2CC0B2B5E5B422DD20A2F0B340299 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:19:07.0744 4480 tdx - ok
23:19:07.0767 4480 [ 9A927FC5727F03F50602A260A1D6D7C2 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:19:07.0792 4480 TermDD - ok
23:19:07.0834 4480 [ F7ED85BE8F0C4F6B24FB3D687F80A762 ] TermService C:\Windows\System32\termsrv.dll
23:19:07.0875 4480 TermService - ok
23:19:07.0903 4480 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:19:07.0938 4480 Themes - ok
23:19:07.0948 4480 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:19:08.0004 4480 THREADORDER - ok
23:19:08.0018 4480 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:19:08.0078 4480 TrkWks - ok
23:19:08.0123 4480 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:19:08.0155 4480 TrustedInstaller - ok
23:19:08.0180 4480 [ 9DFF45630DF6E13B48BC01B8E799A781 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:19:08.0205 4480 tssecsrv - ok
23:19:08.0253 4480 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:19:08.0311 4480 tunnel - ok
23:19:08.0327 4480 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:19:08.0352 4480 uagp35 - ok
23:19:08.0373 4480 [ 6557D75E8B7D6A06CDC21CD39DBF255C ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:19:08.0404 4480 udfs - ok
23:19:08.0436 4480 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:19:08.0467 4480 UI0Detect - ok
23:19:08.0497 4480 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
23:19:08.0523 4480 uliagpkx - ok
23:19:08.0559 4480 [ 71BBF3E8078D585ABF27411A8986EB95 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:19:08.0585 4480 umbus - ok
23:19:08.0617 4480 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:19:08.0643 4480 UmPass - ok
23:19:08.0672 4480 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
23:19:08.0704 4480 UmRdpService - ok
23:19:08.0734 4480 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:19:08.0796 4480 upnphost - ok
23:19:08.0823 4480 [ 5C233AEFB566EE78C1EFBC0493FB066A ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:19:08.0850 4480 usbccgp - ok
23:19:08.0875 4480 [ 6EB45C02E2C8A5DBF9A119F76AE9BD95 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:19:08.0905 4480 usbcir - ok
23:19:08.0947 4480 [ 5B71019A6ACA0116FD21B368F19C0B91 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:19:08.0979 4480 usbehci - ok
23:19:09.0014 4480 [ 5823D3965C2A4F6F785ED1A3B403F3B8 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:19:09.0046 4480 usbhub - ok
23:19:09.0065 4480 [ E753ED6C49DA13967EBABF9EA616454A ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:19:09.0090 4480 usbohci - ok
23:19:09.0130 4480 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:19:09.0158 4480 usbprint - ok
23:19:09.0192 4480 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:19:09.0222 4480 usbscan - ok
23:19:09.0246 4480 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:19:09.0274 4480 USBSTOR - ok
23:19:09.0297 4480 [ 6A30928A469CE802600E1EA8C0F2F53F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:19:09.0324 4480 usbuhci - ok
23:19:09.0366 4480 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:19:09.0394 4480 usbvideo - ok
23:19:09.0427 4480 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:19:09.0479 4480 UxSms - ok
23:19:09.0498 4480 [ A6034689ACF9D14973F8384AD5A5451E ] VaultSvc C:\Windows\system32\lsass.exe
23:19:09.0525 4480 VaultSvc - ok
23:19:09.0568 4480 [ 1CDAA48CB2F7744B8D25650E050766A5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
23:19:09.0590 4480 VClone - ok
23:19:09.0618 4480 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
23:19:09.0643 4480 vdrvroot - ok
23:19:09.0678 4480 [ 37E65C096633C95004628FA4B9518515 ] vds C:\Windows\System32\vds.exe
23:19:09.0716 4480 vds - ok
23:19:09.0746 4480 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:19:09.0776 4480 vga - ok
23:19:09.0799 4480 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:19:09.0851 4480 VgaSave - ok
23:19:09.0867 4480 [ 2FD298650B5739DD59D21CE5DDACA031 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
23:19:09.0897 4480 vhdmp - ok
23:19:09.0932 4480 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
23:19:09.0958 4480 viaagp - ok
23:19:09.0970 4480 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:19:10.0000 4480 ViaC7 - ok
23:19:10.0019 4480 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
23:19:10.0045 4480 viaide - ok
23:19:10.0075 4480 [ CDFD6BA00B8859FBEEB1BCE0F150DE68 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
23:19:10.0104 4480 vmbus - ok
23:19:10.0114 4480 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
23:19:10.0141 4480 VMBusHID - ok
23:19:10.0161 4480 [ 2C78240E17CE3599446F978B9580D31E ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
23:19:10.0186 4480 volmgr - ok
23:19:10.0214 4480 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:19:10.0246 4480 volmgrx - ok
23:19:10.0274 4480 [ F09688701E36722B4C1560456F481285 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
23:19:10.0305 4480 volsnap - ok
23:19:10.0343 4480 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:19:10.0371 4480 vsmraid - ok
23:19:10.0427 4480 [ 90061E9E9CBB70E64D94643B848D949C ] VSS C:\Windows\system32\vssvc.exe
23:19:10.0480 4480 VSS - ok
23:19:10.0583 4480 [ 50D3941555FEFDF46424431702EC5FB6 ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
23:19:10.0627 4480 vToolbarUpdater14.0.1 - ok
23:19:10.0644 4480 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:19:10.0675 4480 vwifibus - ok
23:19:10.0703 4480 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:19:10.0734 4480 vwififlt - ok
23:19:10.0762 4480 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:19:10.0793 4480 vwifimp - ok
23:19:10.0831 4480 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:19:10.0892 4480 W32Time - ok
23:19:10.0953 4480 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:19:10.0983 4480 WacomPen - ok
23:19:11.0010 4480 [ DB3B1965C2FB1476D95E413C3B7CACBB ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:19:11.0037 4480 WANARP - ok
23:19:11.0045 4480 [ DB3B1965C2FB1476D95E413C3B7CACBB ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:19:11.0075 4480 Wanarpv6 - ok
23:19:11.0158 4480 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:19:11.0220 4480 WatAdminSvc - ok
23:19:11.0280 4480 [ ED6F570C5F6F82DA5BE4F92F9CECE521 ] wbengine C:\Windows\system32\wbengine.exe
23:19:11.0335 4480 wbengine - ok
23:19:11.0373 4480 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:19:11.0414 4480 WbioSrvc - ok
23:19:11.0450 4480 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:19:11.0485 4480 wcncsvc - ok
23:19:11.0506 4480 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:19:11.0539 4480 WcsPlugInService - ok
23:19:11.0574 4480 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:19:11.0599 4480 Wd - ok
23:19:11.0649 4480 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:19:11.0691 4480 Wdf01000 - ok
23:19:11.0712 4480 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:19:11.0747 4480 WdiServiceHost - ok
23:19:11.0757 4480 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:19:11.0793 4480 WdiSystemHost - ok
23:19:11.0829 4480 [ 208F15BC4432E93942AD6819C4591F37 ] WebClient C:\Windows\System32\webclnt.dll
23:19:11.0865 4480 WebClient - ok
23:19:11.0887 4480 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:19:11.0945 4480 Wecsvc - ok
23:19:11.0965 4480 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:19:12.0018 4480 wercplsupport - ok
23:19:12.0038 4480 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:19:12.0099 4480 WerSvc - ok
23:19:12.0132 4480 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:19:12.0183 4480 WfpLwf - ok
23:19:12.0205 4480 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:19:12.0231 4480 WIMMount - ok
23:19:12.0315 4480 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:19:12.0362 4480 WinDefend - ok
23:19:12.0374 4480 WinHttpAutoProxySvc - ok
23:19:12.0434 4480 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:19:12.0462 4480 Winmgmt - ok
23:19:12.0523 4480 [ E85BF88FE9C022C1277D775BA880A4D5 ] WinRM C:\Windows\system32\WsmSvc.dll
23:19:12.0575 4480 WinRM - ok
23:19:12.0650 4480 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:19:12.0701 4480 Wlansvc - ok
23:19:12.0731 4480 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:19:12.0758 4480 WmiAcpi - ok
23:19:12.0789 4480 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:19:12.0818 4480 wmiApSrv - ok
23:19:12.0899 4480 [ 923E653FF9049CE9544523C0D67B3D63 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:19:12.0947 4480 WMPNetworkSvc - ok
23:19:12.0965 4480 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:19:12.0996 4480 WPCSvc - ok
23:19:13.0012 4480 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:19:13.0044 4480 WPDBusEnum - ok
23:19:13.0069 4480 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:19:13.0123 4480 ws2ifsl - ok
23:19:13.0156 4480 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
23:19:13.0186 4480 wscsvc - ok
23:19:13.0195 4480 WSearch - ok
23:19:13.0246 4480 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:19:13.0276 4480 WudfPf - ok
23:19:13.0308 4480 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:19:13.0338 4480 WUDFRd - ok
23:19:13.0381 4480 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:19:13.0413 4480 wudfsvc - ok
23:19:13.0452 4480 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:19:13.0486 4480 WwanSvc - ok
23:19:13.0543 4480 [ CE0C846127D6ABB1E2A22E59682B2527 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
23:19:13.0583 4480 xnacc - ok
23:19:13.0615 4480 ================ Scan global ===============================
23:19:13.0644 4480 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
23:19:13.0686 4480 [ 27CF1AB64FEA3B11036BD8138F9895AA ] C:\Windows\system32\winsrv.dll
23:19:13.0708 4480 [ 27CF1AB64FEA3B11036BD8138F9895AA ] C:\Windows\system32\winsrv.dll
23:19:13.0737 4480 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:19:13.0763 4480 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:19:13.0771 4480 [Global] - ok
23:19:13.0772 4480 ================ Scan MBR ==================================
23:19:13.0795 4480 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:19:14.0435 4480 \Device\Harddisk0\DR0 - ok
23:19:14.0436 4480 ================ Scan VBR ==================================
23:19:14.0441 4480 [ CA27515A0488694713FF59DB843303A4 ] \Device\Harddisk0\DR0\Partition1
23:19:14.0444 4480 \Device\Harddisk0\DR0\Partition1 - ok
23:19:14.0476 4480 [ 713CB735DCFDC7687FAAA341871ED455 ] \Device\Harddisk0\DR0\Partition2
23:19:14.0479 4480 \Device\Harddisk0\DR0\Partition2 - ok
23:19:14.0480 4480 ============================================================
23:19:14.0480 4480 Scan finished
23:19:14.0480 4480 ============================================================
23:19:14.0509 5568 Detected object count: 8
23:19:14.0509 5568 Actual detected object count: 8
23:19:44.0366 5568 Angelnt ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:44.0366 5568 Angelnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:44.0448 5568 C:\Windows\system32\drivers\csc.sys - copied to quarantine
23:19:47.0199 5568 C:\Windows\$NtUninstallKB58861$\2538959544\@ - copied to quarantine
23:19:47.0219 5568 C:\Windows\$NtUninstallKB58861$\2538959544\Desktop.ini - copied to quarantine
23:19:48.0022 5568 C:\Windows\$NtUninstallKB58861$\2538959544\L\00000004.@ - copied to quarantine
23:19:48.0032 5568 C:\Windows\$NtUninstallKB58861$\2538959544\L\201d3dde - copied to quarantine
23:19:48.0045 5568 C:\Windows\$NtUninstallKB58861$\2538959544\L\4cce1f70 - copied to quarantine
23:19:48.0079 5568 C:\Windows\$NtUninstallKB58861$\2538959544\L\xadqgnnk - copied to quarantine
23:19:48.0109 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\00000004.@ - copied to quarantine
23:19:48.0868 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\00000008.@ - copied to quarantine
23:19:49.0710 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\000000cb.@ - copied to quarantine
23:19:50.0454 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\80000000.@ - copied to quarantine
23:19:51.0211 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\80000032.@ - copied to quarantine
23:19:52.0142 5568 Backup copy found, using it..
23:19:52.0278 5568 C:\Windows\system32\drivers\csc.sys - will be cured on reboot
23:19:52.0442 5568 C:\Windows\$NtUninstallKB58861$\2538959544\@ - will be deleted on reboot
23:19:52.0443 5568 C:\Windows\$NtUninstallKB58861$\2538959544\Desktop.ini - will be deleted on reboot
23:19:52.0449 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\00000004.@ - will be deleted on reboot
23:19:52.0450 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\00000008.@ - will be deleted on reboot
23:19:52.0451 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\000000cb.@ - will be deleted on reboot
23:19:52.0452 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\80000000.@ - will be deleted on reboot
23:19:52.0453 5568 C:\Windows\$NtUninstallKB58861$\2538959544\U\80000032.@ - will be deleted on reboot
23:19:52.0455 5568 C:\Windows\$NtUninstallKB58861$\260083120 - will be deleted on reboot
23:19:52.0467 5568 CSC ( Virus.Win32.ZAccess.aml ) - User select action: Cure
23:19:52.0468 5568 DynCal ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0468 5568 DynCal ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:52.0473 5568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0473 5568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:52.0478 5568 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0478 5568 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:52.0483 5568 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0483 5568 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:52.0484 5568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0484 5568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:19:52.0489 5568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:19:52.0489 5568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Omlouvam se za zdrzeni, mel jsem nejake studijni povinnosti

Restart PC jiz predpokladam probehl

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

zdravím,

spravil som scan cez RKill.

pripájam log

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/01/2013 05:44:19 PM in x86 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\johny\AppData\Local\Temp\CR_820BD.tmp\setup.exe (PID: 4712) [T-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/01/2013 05:45:37 PM
Execution time: 0 hours(s), 1 minute(s), and 18 seconds(s)

použil som aj combofix pripajam log

ComboFix 13-02-01.04 - johny 01.02.2013 18:08:59.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3071.2281 [GMT 1:00]
Running from: c:\users\johny\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB58861$
c:\windows\$NtUninstallKB58861$\2538959544\L\00000004.@
c:\windows\$NtUninstallKB58861$\2538959544\L\201d3dde
c:\windows\$NtUninstallKB58861$\2538959544\L\4cce1f70
c:\windows\$NtUninstallKB58861$\2538959544\L\76603ac3
c:\windows\$NtUninstallKB58861$\2538959544\L\xadqgnnk
D:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Files Created from 2013-01-01 to 2013-02-01 )))))))))))))))))))))))))))))))
.
.
2013-01-31 22:19 . 2013-01-31 22:19 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-31 21:43 . 2013-01-31 21:43 -------- d-----w- c:\program files\trend micro
2013-01-31 21:43 . 2013-01-31 21:43 -------- d-----w- C:\rsit
2013-01-29 16:04 . 2013-01-29 16:04 -------- d-----w- c:\users\johny\AppData\Roaming\SUPERAntiSpyware.com
2013-01-29 16:03 . 2013-01-29 16:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-01-29 16:03 . 2013-01-29 16:03 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-01-29 11:09 . 2013-01-29 11:09 -------- d-----w- c:\program files\CCleaner
2013-01-28 23:35 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 14:13 . 2013-01-25 14:13 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-31 22:40 . 2010-06-18 08:00 387584 ----a-w- c:\windows\system32\drivers\csc.sys
2013-01-25 23:51 . 2012-11-08 22:40 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-10 17:57 . 2012-11-29 15:05 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-10 17:57 . 2011-12-04 23:29 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 04:57 . 2013-02-01 16:44 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57DB6D02-31C1-4174-B863-F701D5112175}\mpengine.dll
2012-12-17 00:20 . 2012-12-17 00:20 1581056 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\pl-6abb558852cc7fbf9b33022fe7d68612.dll
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Zero Dark Thirty German BDRip Dual Audio FTW\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Wreck-It Ralph 2012 [Japanese].DVDRip.AC3 DiAMOND\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Warrior (I) Italian [DVDRip] 720p SiC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Warm Bodies English.[DVDRip] (XViD) - HOPE\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Twilight (I) 2008 [English] (DVDRip) (x264) sC0rp\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Transformers Dark of the Moon [English].DVDScr.AC3 - SiC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Total Recall English DVDRip.Dual Audio NYDIC\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Total Recall (German) DVDScr.HOPE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Thor 2011 Eng (DVDRip) x264.WBZ\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\There Will Be Blood 2007 (French) (BDRip) AC3 SPARKS\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Words 2012 (English) DVDRip NeDiVx\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Town Eng DVDRip - WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Town 2010 English [DVDScr].480p INSPiRAL\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Town 2010 [Italian] DVDRip.AC3 - PeeR2Me\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Shining [English] PDVD.[720p] - 3LT0N\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Shining [English] BDRip Dual Audio - INSPiRAL\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Shawshank Redemption [English] DVDRip.[AC3] - SiC\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Pirates! Band of Misfits English BDRip.x264 - NeDiVx\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Perks of Being a Wallflower 2012 English.[DVDRip].[XViD].3LT0N\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Odd Life of Timothy Green English DVDScr Dual Audio FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Mortal Instruments City of Bones English.DVDRip.ART3MiS\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Matrix 1999 (Japanese) DVDRip.[x264] UnKnOwN\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Magic of Belle Isle English [DVDRip].480p - FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Lucky One 2012 [Italian] BDRip.x264 - FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Lucky One 2012 (English) (DVDRip) XViD.DiAMOND\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Lost Coast Tapes 2012 [French].DVDRip.720p - AMIABLE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Lion King Italian.PDVD.480p Feel-Free\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Help 2011 English DVDRip.AC3 BiDA\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Hangover (English) DVDRip.XViD AMIABLE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Grey 2011 Eng.[DVD].[Dual Audio] TARGET\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Green Mile English PDVD 720p Feel-Free\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Green Mile 1999 English DVDRip AC3 - WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Great Gatsby 2013 English DVDRip.[Dual Audio] MAX\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Godfather 1972 English [DVDRip] - 3LT0N\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Girl with the Dragon Tattoo (English) PDVD.[x264] - sC0rp\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Expendables English DVDRip 480p WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Expendables 2010 [Eng].BDRip.[720p].NYDIC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Expendables 2 English [DVDScr].AC3 - Voodoo\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Dark Knight [English].DVDRip.AC3 sC0rp\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Cold Light of Day [English] (DVDRip) - TARGET\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Cabin in the Woods Spanish DVDRip.[Dual Audio] - MAX\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Cabin in the Woods 2011 [English] [DVD].x264 - FTW\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Cabin in the Woods 2011 [English] [DVD].x264 - FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Bourne Legacy 2012 English DVDRip.XViD Feel-Free\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Bourne Legacy 2012 [English].DVD.XViD NYDIC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Big Lebowski French (DVDRip) AC3 FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Amazing Spider-Man English (DVDRip) XViD - 3LT0N\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\The Amazing Spider-Man 2012 French (PDVD) 720p BiDA\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Taken (I) 2008 English (DVDRip) (AC3) ART3MiS\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Stolen 2012 Spanish BDRip 3LT0N\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Step Up Revolution 2012 Spanish.BDRip.XViD.ART3MiS\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Step Up Revolution (English) DVDRip.[Dual Audio] - DiAMOND\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Stealing Las Vegas 2012 (English) DVDRip [XViD] UnKnOwN\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Spring Breakers Eng DVD.[x264] - AMIABLE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Spring Breakers 2012 Eng.[PDVD].[x264].PADDO\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Snow White and the Huntsman 2012 (English) [DVDRip].[x264] WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Snatch 2000 English BDRip (AC3) HOPE\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Snatch 2000 English BDRip (AC3) HOPE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Snatch 2000 [English] (DVDRip) 720p.SiC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Skyfall 2012 Italian [DVDScr].AC3 BiDA\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Sinister 2012 German DVDRip x264 - BHRG\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Sinister 2012 Eng DVD (Dual Audio) - PADDO\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Sinister 2012 [English] DVDRip.[x264] FTW\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Silver Linings Playbook [Eng] DVDRip - MAX\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Shame Eng [DVDScr].Dual Audio UnKnOwN\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Shame Eng [DVDScr].Dual Audio UnKnOwN\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Shame 2011 Spanish.PDVD.AC3.SPARKS\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Seven Psychopaths English.[DVDRip].720p ETRG\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Se7en 1995 English DVD (AC3) Voodoo\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Savages English (DVDScr) Dual Audio.NeDiVx\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Savages 2012 English.DVDRip.XViD.SiC\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Savages [Spanish] (DVDScr) 480p - INFERNO\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Safe House English (DVDRip) - sC0rp\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Safe (I) 2012 English DVDScr.x264 3LT0N\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Resident Evil Retribution English.DVDScr UnKnOwN\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Remember the Titans 2000 English.DVD.AC3 DiAMOND\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Remember the Titans 2000 English.DVD.AC3 DiAMOND\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Red Dawn 2012 English (DVDRip) XViD - BiDA\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Red Dawn [Italian].PDVD.[Dual Audio].Feel-Free\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Quantum of Solace Spanish.DVDRip.XViD Feel-Free\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Quantum of Solace Spanish.DVDRip.XViD Feel-Free\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Pulp Fiction 1994 (English) BDRip.480p.AMIABLE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Prometheus (I) 2012 Japanese.DVDRip.XViD.sC0rp\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Pride\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Premium Rush 2012 English.DVDRip.[720p].WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Pitch Perfect German BDRip Dual Audio - AMIABLE\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Pitch Perfect 2012 (French) BDRip.x264 NeDiVx\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\People Like Us English (BDRip) (720p) - MAX\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Peace, Love,\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\ParaNorman English DVDRip WBZ\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\On the Road Italian DVDRip.Dual Audio FTW\Mega Codec Pack 9.4.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\No Country for Old Men 2007 Japanese DVDRip.[480p] - BiDA\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Movie 43 2013 French.DVDRip.[XViD] TARGET\Mega Codec Pack 9.6.exe
2012-12-09 23:42 . 2012-12-17 11:48 7465509 ----a-w- c:\programdata\Microsoft\Media Tools\plugins\mediahash\downloads\Movie 43 2013 French.DVDRip.[XViD] TARGET\Mega Codec Pack 9.4.exe
2013-01-20 19:06 . 2011-10-08 23:47 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
2012-10-02 10:43 510144 ----a-w- c:\program files\SearchPredict\SearchPredict.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}]
2012-11-19 23:36 2660016 ----a-w- c:\program files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-01-25 23:51 1883824 ----a-w- c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll" [2013-01-25 1883824]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0MediaIconsOerlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2012-11-06 17:32 220160 ----a-w- c:\program files\Mega Codec Pack\Filters\Haali\mmdinfo.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-10-22 641400]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-06-18 1173504]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 4763008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-01-25 1101488]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 5074384]
.
c:\users\johny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\johny\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
.
R3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\Dyncal.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Angelnt;Angelnt;c:\windows\System32\Drivers\ANGELNT.SYS [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-29 17:57]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-13 21:48]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-13 21:48]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000Core.job
- c:\users\johny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-08 23:22]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000UA.job
- c:\users\johny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-08 23:22]
.
2013-02-01 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-25 23:51]
.
2013-02-01 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task aa080bb9-30de-4f38-886f-d5bda75c70d1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2013-02-01 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task ef27f5fd-3e3f-424e-b903-13e78dbcfb43.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.speedbit.com/?s=CBJe0
uInternet Settings,ProxyServer = proxy.euba:8080
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D21307: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D22307: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D25307: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D26307: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\76572757: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\D4164766961636B616: NameServer = 156.154.70.22,156.154.71.22
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\8m1n5ob1.default\
FF - ExtSQL: !HIDDEN! 2012-02-03 18:28; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
SafeBoot-70902868.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\progra~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-02-01 18:27:05 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-01 17:27
.
Pre-Run: 53 239 922 688 bytes free
Post-Run: 54 462 287 872 bytes free
.
- - End Of File - - B69A753F42481BD3F2B9EE18D79DD78E

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Použil som aj AdwCleaner. Tu je log.



# AdwCleaner v2.109 - Logfile created 02/01/2013 at 20:24:37
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : johny - JOHNY-PC
# Boot Mode : Normal
# Running from : C:\Users\johny\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Application Updater

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Program Files\Application Updater
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\spigot
Folder Found : C:\Program Files\pdfforge Toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\johny\AppData\Local\AVG Secure Search
Folder Found : C:\Users\johny\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\johny\AppData\LocalLow\pdfforge
Folder Found : C:\Users\johny\AppData\LocalLow\Search Settings
Folder Found : C:\Users\johny\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\pdfforge
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\pdfforge
Key Found : HKCU\Software\Search Settings
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\pdfforge
Key Found : HKLM\Software\Search Settings
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (sk)

File : C:\Users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\8m1n5ob1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\johny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9587 octets] - [01/02/2013 20:24:37]

########## EOF - C:\AdwCleaner[R1].txt - [9647 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

posielam log.

trvalo to dlhšie lebo som mal problem s internetom, ale uz je to ok...





# AdwCleaner v2.109 - Logfile created 02/01/2013 at 20:53:09
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : johny - JOHNY-PC
# Boot Mode : Normal
# Running from : C:\Users\johny\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\pdfforge Toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\johny\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\johny\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\johny\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\johny\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\johny\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Search Settings
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (sk)

File : C:\Users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\8m1n5ob1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\johny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9716 octets] - [01/02/2013 20:24:37]
AdwCleaner[S1].txt - [9898 octets] - [01/02/2013 20:53:09]

########## EOF - C:\AdwCleaner[S1].txt - [9958 octets] ##########

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

posielam dds


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by johny at 22:46:42 on 2013-02-01
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3071.1829 [GMT 1:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\johny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.speedbit.com/?s=CBJe0
uProxyServer = proxy.euba:8080
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SearchPredictObj Class: {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - c:\program files\searchpredict\SearchPredict.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: SBCONVERT Class: {92A9ACF4-9333-43AE-9698-DB283326F87F} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: GrabberObj Class: {FF7C3CF0-4B15-11D1-ABED-709549C10000} - c:\program files\speedbit video downloader\toolbar\Grabber.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
StartupFolder: c:\users\johny\appdata\roaming\micros~1\windows\startm~1\programs\startup\orezva~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B} : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D21307 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D21307 : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D22307 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D22307 : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D25307 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D25307 : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D26307 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\54552414D275966696D26307 : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\76572757 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\76572757 : DHCPNameServer = 193.87.16.23 193.87.16.8
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\D4164766961636B616 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{4A90B40D-BDA4-42DB-9C32-43776342353B}\D4164766961636B616 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{97B5B3C3-391D-4807-9135-3C8BC0E01904} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\johny\appdata\roaming\mozilla\firefox\profiles\8m1n5ob1.default\
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\users\johny\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: !HIDDEN! 2012-02-03 18:28; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2012-11-28 47056]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-11-8 31576]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-10-8 170656]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2012-10-8 46056]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [2012-3-2 51072]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2012-11-26 1329304]
R2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.1\ToolbarUpdater.exe [2013-1-26 945328]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-4-6 72576]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2009-6-10 48128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\DynCal.sys [2007-11-7 12928]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-4-6 102784]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2012-4-6 85248]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28.sys [2009-6-10 530944]
S3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2011-10-9 1343400]
.
=============== Created Last 30 ================
.
2013-02-01 20:26:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-02-01 20:26:50 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-02-01 19:53:49 115 ----a-w- c:\windows\DeleteOnReboot.bat
2013-02-01 19:33:00 626688 ----a-w- c:\windows\system32\usp10.dll
2013-02-01 19:32:57 2353664 ----a-w- c:\windows\system32\win32k.sys
2013-02-01 19:32:52 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-02-01 19:32:49 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-02-01 19:31:53 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-02-01 19:31:38 2048 ----a-w- c:\windows\system32\tzres.dll
2013-02-01 19:29:09 46592 ----a-w- c:\windows\system32\fpb.rs
2013-02-01 19:28:47 219136 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-01 19:28:43 245616 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-02-01 19:12:25 -------- d-----w- c:\users\johny\appdata\roaming\{B7EFBC57-6CE9-48E4-B7AB-3EABBF9535E6}
2013-02-01 17:21:32 -------- d-----w- C:\$RECYCLE.BIN
2013-02-01 17:19:32 -------- d-----w- c:\users\johny\appdata\local\temp
2013-02-01 16:57:53 98816 ----a-w- c:\windows\sed.exe
2013-02-01 16:57:53 256000 ----a-w- c:\windows\PEV.exe
2013-02-01 16:57:53 208896 ----a-w- c:\windows\MBR.exe
2013-02-01 16:44:51 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{57db6d02-31c1-4174-b863-f701d5112175}\mpengine.dll
2013-01-31 22:19:44 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-31 21:43:15 -------- d-----w- c:\program files\trend micro
2013-01-29 16:04:35 -------- d-----w- c:\users\johny\appdata\roaming\SUPERAntiSpyware.com
2013-01-29 16:03:09 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-01-29 16:03:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-01-29 11:09:21 -------- d-----w- c:\program files\CCleaner
2013-01-28 23:35:25 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 14:13:50 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
2013-01-31 22:40:26 387584 ----a-w- c:\windows\system32\drivers\csc.sys
2013-01-25 23:51:06 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-10 17:57:07 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-10 17:57:07 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-07 05:04:20 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:51:30 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:07 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:59:26 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:43:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:43:35 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:43:35 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:43:35 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-28 08:07:58 47056 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-11-19 23:36:54 90824 ----a-w- c:\windows\system32\EasyHook32.dll
2012-11-19 23:36:54 109256 ----a-w- c:\windows\system32\EasyHook64.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 22:47:41,06 ===============

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  c:\windows\system32\drivers\avgtpx86.sys
  C:\Windows\tasks\Adobe Flash Player Updater.job
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726182656-2076420735-390528189-1000UA.job
  C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
  C:\Windows\tasks\SUPERAntiSpyware Scheduled Task aa080bb9-30de-4f38-886f-d5bda75c70d1.job
  C:\Windows\tasks\SUPERAntiSpyware Scheduled Task ef27f5fd-3e3f-424e-b903-13e78dbcfb43.job
  
  Folder::
  c:\program files\common files\avg secure search
  c:\users\johny\appdata\roaming\{B7EFBC57-6CE9-48E4-B7AB-3EABBF9535E6}
  
  DDS::
  uStart Page = hxxp://search.speedbit.com/?s=CBJe0
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
  "uTorrent"=-
  "SUPERAntiSpyware"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "NeroFilterCheck"=-
  "VirtualCloneDrive"=-
  "GrooveMonitor"=-
  "SunJavaUpdateSched"=-
  "vProt"=-
  
  Driver::
  avgtp
  vToolbarUpdater14.0.1
  
  RegLock::
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  
  AtJob::
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci