VIRY.CZ

Dobrý den,mám problém rootkitem, AVG mi tam hlásí nějaký problem. přikládám náhled v jpg. Neumí ten soubor odstranit aCOMBOFIX ho taky neodstranil. Mohly by jste mi prověřit log, popřípadě kouknout, jestli tam není ještě co tam být nemá? Děkuji za ochotu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vochy at 2013-04-18 09:00:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 91 GB (30%) free of 299 GB
Total RAM: 3071 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:01:12, on 18.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe
C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Vochy\Desktop\RSIT.exe
C:\Program Files\trend micro\Vochy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/ig?hl=cs&source=mpes
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 50h8l1iy9q
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [trustGTX14] "C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - http://catalog.update.microsoft.com/v7/ ... 1026117767
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logmein.com//activex/ractrl.cab?lmi=972
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FF61FC8-B57F-44C8-9DBE-23488AE16415}: NameServer =
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Acer SmartBoot Service (ASLSvc) - Acer Incorporated - C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Game Mouse Communication And Update Service V1 (KmGameMouseServiceV1) - UASSOFT.COM - C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

--
End of file - 9510 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Epson Printer Software Downloader.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000UA.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vochy\AppData\Roaming\Mozilla\Firefox\Profiles\x3gdfzsr.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35, {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37, {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1"

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npfiller.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-09 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-02 7731744]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"trustGTX14"=C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe [2009-06-05 4833792]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2011-07-20 4393816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Advanced SystemCare 6"=C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-02-21 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2011-02-11 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series]
c:\windows\system32\spool\drivers\w32x86\3\e_fatifbe.exe [2008-09-27 199680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Vochy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vochy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
c:\program files\microsoft office\office12\groovemonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2012-12-20 1476104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-12-20 310280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\Windows\vsnp2uvc.exe [2009-05-18 662016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-03-11 2038552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
c:\program files\common files\snp2uvc\tsnp2uvc.exe [2009-05-18 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vochy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VirtualExpander.lnk]
C:\Windows\System32\VIRTUA~1\VIRTUA~1.EXE [2005-03-31 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MaxRecentDocs"=14
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Loki\Loki.exe"="C:\Program Files\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.YVU9"=tsbyuv.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-04-18 09:00:12 ----D---- C:\rsit
2013-04-18 09:00:12 ----D---- C:\Program Files\trend micro
2013-04-18 08:40:13 ----D---- C:\Windows\temp
2013-04-18 08:40:07 ----A---- C:\ComboFix.txt
2013-04-18 08:32:31 ----D---- C:\$RECYCLE.BIN
2013-04-18 07:36:36 ----A---- C:\Windows\zip.exe
2013-04-18 07:36:36 ----A---- C:\Windows\SWSC.exe
2013-04-18 07:36:36 ----A---- C:\Windows\SWREG.exe
2013-04-18 07:36:36 ----A---- C:\Windows\sed.exe
2013-04-18 07:36:36 ----A---- C:\Windows\PEV.exe
2013-04-18 07:36:36 ----A---- C:\Windows\NIRCMD.exe
2013-04-18 07:36:36 ----A---- C:\Windows\MBR.exe
2013-04-18 07:36:36 ----A---- C:\Windows\grep.exe
2013-04-18 07:34:35 ----AD---- C:\Qoobox
2013-04-18 07:34:06 ----D---- C:\Windows\erdnt
2013-04-17 15:32:04 ----A---- C:\Windows\system32\lsdelete.exe
2013-04-17 12:23:30 ----D---- C:\Users\Vochy\AppData\Roaming\AVG
2013-04-17 12:21:45 ----D---- C:\ProgramData\AVG
2013-04-17 12:21:16 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-17 11:49:32 ----D---- C:\Users\Vochy\AppData\Roaming\TuneUp Software
2013-04-13 22:13:30 ----D---- C:\Users\Vochy\AppData\Roaming\vlc
2013-04-13 22:13:12 ----D---- C:\Program Files\VideoLAN
2013-04-13 22:02:13 ----D---- C:\Users\Vochy\AppData\Roaming\Win7codecs
2013-04-13 22:02:11 ----D---- C:\Program Files\Win7codecs
2013-04-13 21:59:47 ----D---- C:\ProgramData\Win7codecs
2013-04-12 19:12:09 ----D---- C:\Program Files\Mozilla Firefox
2013-04-11 03:18:40 ----A---- C:\Windows\system32\drivers\avgtdix.sys
2013-04-10 21:26:03 ----A---- C:\Windows\system32\vbscript.dll
2013-04-10 21:26:03 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-10 21:26:02 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 21:26:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 21:26:02 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 21:26:02 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 21:26:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-10 21:26:02 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 21:26:01 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 21:26:01 ----A---- C:\Windows\system32\url.dll
2013-04-10 21:26:01 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 21:26:01 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 21:26:00 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 21:25:59 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 20:14:15 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 20:14:13 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 20:14:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 20:14:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 20:14:09 ----A---- C:\Windows\system32\smss.exe
2013-04-10 20:14:09 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-10 20:13:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-04 11:00:00 ----A---- C:\Windows\system32\VSFilter.dll
2013-03-23 21:23:52 ----D---- C:\Program Files\Safari
2013-03-20 18:37:29 ----A---- C:\Windows\system32\drivers\usb8023.sys

======List of files/folders modified in the last 1 month======

2013-04-18 09:00:12 ----RD---- C:\Program Files
2013-04-18 08:59:26 ----D---- C:\Windows\system32\config
2013-04-18 08:56:15 ----D---- C:\Windows\system32\drivers
2013-04-18 08:54:48 ----D---- C:\Windows\system32\drivers\AVG
2013-04-18 08:53:53 ----D---- C:\Windows\System32
2013-04-18 08:53:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-18 08:40:13 ----D---- C:\Windows
2013-04-18 08:39:34 ----D---- C:\Windows\Prefetch
2013-04-18 08:39:06 ----D---- C:\Windows\Tasks
2013-04-18 08:39:06 ----D---- C:\Windows\system32\Tasks
2013-04-18 08:32:42 ----A---- C:\Windows\system.ini
2013-04-18 08:32:29 ----D---- C:\Windows\system32\drivers\etc
2013-04-18 07:48:17 ----D---- C:\ProgramData
2013-04-18 07:45:18 ----D---- C:\Windows\AppPatch
2013-04-18 07:45:17 ----D---- C:\Program Files\Common Files
2013-04-17 14:38:13 ----D---- C:\ProgramData\AVG2012
2013-04-17 12:46:03 ----SHD---- C:\Windows\Installer
2013-04-17 12:46:03 ----D---- C:\Config.Msi
2013-04-17 12:45:50 ----SHD---- C:\System Volume Information
2013-04-17 12:45:41 ----D---- C:\Program Files\AVG
2013-04-17 11:21:08 ----D---- C:\ProgramData\MFAData
2013-04-17 11:13:52 ----D---- C:\Program Files\DOSBox-0.74
2013-04-14 10:39:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-13 22:02:21 ----D---- C:\Program Files\K-Lite Codec Pack
2013-04-12 20:06:22 ----D---- C:\ProgramData\Adobe
2013-04-12 19:32:01 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-11 16:22:44 ----D---- C:\Windows\winsxs
2013-04-11 16:20:27 ----D---- C:\Windows\system32\migration
2013-04-11 16:20:26 ----D---- C:\Program Files\Internet Explorer
2013-04-10 21:26:51 ----D---- C:\ProgramData\Microsoft Help
2013-04-10 21:26:13 ----D---- C:\Windows\system32\catroot2
2013-04-10 21:26:13 ----D---- C:\Windows\system32\catroot
2013-04-10 21:20:19 ----D---- C:\Windows\debug
2013-04-10 21:20:15 ----A---- C:\Windows\system32\MRT.exe
2013-04-06 13:22:04 ----D---- C:\Program Files\Steam
2013-03-23 21:15:52 ----D---- C:\Program Files\Opera
2013-03-22 17:24:34 ----RSD---- C:\Windows\assembly
2013-03-20 22:52:05 ----D---- C:\Windows\system32\DriverStore
2013-03-20 17:11:47 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 14392]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-21 691696]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-31 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-31 25888]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-08-24 47640]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 209920]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2011-07-11 18768]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-09-02 2763552]
R3 KMWDFilterV1;KMWDFilterV1; \??\C:\Windows\System32\Drivers\RPGMOUSEV1.sys [2009-06-10 18432]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-08-24 10144]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 15360]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2011-03-23 30600]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-09-12 25088]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 14336]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2011-03-23 19280]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-06-11 1161664]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-19 100352]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Vochy\AppData\Local\Temp\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-02-21 94336]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-11-03 15232]
S3 MSILiveVirtualCamera;MSI Live Virtual Camera; C:\Windows\system32\DRIVERS\MSILiveVirtualCamera.sys [2007-01-29 449408]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-13 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 3485952]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-11-13 49664]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 ASLSvc;Acer SmartBoot Service; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [2009-05-13 417792]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 Greg_Service;GRegService; C:\Program Files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 KmGameMouseServiceV1;Game Mouse Communication And Update Service V1; C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe [2009-05-18 354816]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2011-01-05 55152]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-12 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-03 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-05-23 2152720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2009-06-03 1019904]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 CLKMSVC10_E92D8507;CyberLink Product - 2012/01/15 09:41:39; C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-02-11 240112]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

-----------------EOF-----------------

Zdravim

Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

licencni podminky hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Bohužel jsem do toho šel bezhlavě. log z combofixu mám taky, pokud by jste z něho něco vyčetl. Jinak na této adrese: http://www.bleepingcomputer.com/combofi ... t-combofix je popis k použití a následovnému obrácení se na Vaše stránky s výpisem logu. Každopádně děkuji za snahu.

ComboFix 13-04-18.01 - Vochy 18.04.2013 7:39.1.3 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.1749 [GMT 2:00]
Spuštěný z: c:\users\Vochy\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AE9F8D0A2F.sys
c:\windows\iun6002.exe
c:\windows\ST6UNST.000
c:\windows\system32\DEBUG.log
c:\windows\system32\muzapp.exe
c:\windows\system32\Oleaut32.1
c:\windows\system32\test
c:\windows\system32\tmp6874.tmp
c:\windows\system32\tmp68F2.tmp
c:\windows\UA000080.DLL
c:\windows\wininit.ini
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-18 do 2013-04-18 )))))))))))))))))))))))))))))))
.
.
2013-04-18 05:50 . 2013-04-18 05:50 -------- d-----w- c:\users\Věruška\AppData\Local\temp
2013-04-17 13:32 . 2012-05-23 14:25 16432 ----a-w- c:\windows\system32\lsdelete.exe
2013-04-17 10:23 . 2013-04-17 10:23 -------- d-----w- c:\users\Vochy\AppData\Roaming\AVG
2013-04-17 10:21 . 2013-04-17 10:24 -------- d-----w- c:\programdata\AVG
2013-04-17 10:21 . 2013-04-17 10:21 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-17 09:49 . 2013-04-17 09:49 -------- d-----w- c:\users\Vochy\AppData\Roaming\TuneUp Software
2013-04-14 09:46 . 2013-04-14 09:46 -------- d-----w- c:\users\Holky\AppData\Roaming\vlc
2013-04-14 09:45 . 2013-04-14 09:45 -------- d-----w- c:\users\Holky\AppData\Roaming\Win7codecs
2013-04-13 20:13 . 2013-04-14 10:06 -------- d-----w- c:\users\Vochy\AppData\Roaming\vlc
2013-04-13 20:13 . 2013-04-13 20:13 -------- d-----w- c:\program files\VideoLAN
2013-04-13 20:02 . 2013-04-13 20:02 -------- d-----w- c:\users\Vochy\AppData\Roaming\Win7codecs
2013-04-13 20:02 . 2013-04-13 20:02 -------- d-----w- c:\program files\Win7codecs
2013-04-13 19:59 . 2013-04-13 20:02 -------- d-----w- c:\programdata\Win7codecs
2013-04-11 01:18 . 2013-04-11 01:18 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-10 18:14 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 18:14 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 18:14 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 18:14 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 18:14 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 18:14 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 18:13 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-05 19:26 . 2013-04-05 19:26 1679360 ----a-w- c:\windows\system32\ac3filter.acm
2013-04-04 09:00 . 2013-04-04 09:00 1566720 ----a-w- c:\windows\system32\VSFilter.dll
2013-04-02 16:06 . 2013-04-06 11:27 -------- d-----w- c:\users\Vochy\AppData\Local\dxhr
2013-04-02 16:03 . 2013-04-02 16:03 -------- d-----w- c:\users\Vochy\AppData\Local\28050
2013-03-23 19:23 . 2013-03-23 19:23 -------- d-----w- c:\program files\Safari
2013-03-20 16:37 . 2013-03-20 16:37 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-12 17:32 . 2012-04-04 15:44 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-12 17:32 . 2011-05-16 04:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-09 16:58 . 2013-03-09 16:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-09 16:58 . 2012-09-04 09:54 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-09 16:58 . 2010-06-05 19:50 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-12 04:48 . 2013-03-13 16:08 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 16:08 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 17:12 . 2013-04-12 17:12 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2011-02-16 07:53 73728 ----a-w- c:\windows\System32\VirtualExpander\VEShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-02 7731744]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"trustGTX14"="c:\program files\Trust\GXT14 Mouse\POINTERGHOST.exe" [2009-06-05 4833792]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-07-20 4393816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 14 (0xe)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0lsdelete
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Vochy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VirtualExpander.lnk]
backup=c:\windows\pss\VirtualExpander.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-18 14:28 38112 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-02-21 10:23 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2011-02-11 17:47 75048 ----a-w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
2010-03-06 16:46 286720 ----a-w- c:\program files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series]
2008-09-27 01:00 199680 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIFBE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 14:49 138096 ----atw- c:\users\Vochy\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-02-16 20:13 136176 ----atw- c:\users\Vochy\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-12-18 01:10 578560 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-12-20 09:44 1476104 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-12-20 09:44 310280 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
2009-05-18 12:34 662016 ----a-w- c:\windows\vsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
2013-03-11 14:07 2038552 ----a-w- c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
2009-05-18 12:36 241664 ----a-w- c:\program files\Common Files\SNP2UVC\tsnp2uvc.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AdobeBridge"=
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 MSILiveVirtualCamera;MSI Live Virtual Camera;c:\windows\system32\DRIVERS\MSILiveVirtualCamera.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 CLKMSVC10_E92D8507;CyberLink Product - 2012/01/15 09:41;c:\program files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [x]
R4 LMIGuardianSvc;LMIGuardianSvc; [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 ASLSvc;Acer SmartBoot Service;c:\program files\Acer\Acer SmartBoot\ASLSvc.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 Greg_Service;GRegService;c:\program files\Acer\Registration\GregHSRW.exe [x]
S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 KmGameMouseServiceV1;Game Mouse Communication And Update Service V1;c:\program files\Trust\GXT14 Mouse\GameMouseServiceApp.exe [x]
S2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 KMWDFilterV1;KMWDFilterV1;c:\windows\System32\Drivers\RPGMOUSEV1.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
GPSvcGroup REG_MULTI_SZ GPSvc
MbnExt REG_MULTI_SZ MbnExt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 17:32]
.
2013-03-16 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
2012-11-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000Core.job
- c:\users\Vochy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-20 14:49]
.
2012-11-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000UA.job
- c:\users\Vochy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-20 14:49]
.
2013-04-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004Core.job
- c:\users\Holky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-17 11:11]
.
2013-04-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004UA.job
- c:\users\Holky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-17 11:11]
.
2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-11 15:07]
.
2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-11 15:07]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000Core.job
- c:\users\Vochy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 20:13]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1000UA.job
- c:\users\Vochy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 20:13]
.
2013-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004Core.job
- c:\users\Holky\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-20 05:33]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1037839443-943794815-1717235523-1004UA.job
- c:\users\Holky\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-20 05:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/ig?hl=cs&source=mpes
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_e430&r=17350110xn06p73h53tm50h8l1iy9q
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Vochy\AppData\Roaming\Mozilla\Firefox\Profiles\x3gdfzsr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1037839443-943794815-1717235523-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{65136AE9-CFE3-900C-5A30-0C1AFBB0874E}*]
"oahhilhhkikahahhljedkkcbikhlgc"=hex:6a,61,6b,64,61,6f,69,63,70,61,70,63,65,67,
70,63,6f,69,68,6b,00,00
"pajggbekdbfbnanfincmjifebldobncb"=hex:6b,61,65,64,68,63,6d,63,62,67,6c,6b,6a,
69,6e,6b,6f,61,63,64,70,61,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(920)
c:\windows\system32\wvauth.DLL
.
- - - - - - - > 'Explorer.exe'(5308)
c:\windows\system32\VirtualExpander\VEShellExt.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Trust\GXT14 Mouse\StartAutorun.exe
c:\program files\Trust\GXT14 Mouse\RapooV1Process.exe
.
**************************************************************************
.
Celkový čas: 2013-04-18 08:40:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-18 06:40
.
Před spuštěním: Volných bajtů: 95 414 210 560
Po spuštění: Volných bajtů: 95 080 800 256
.
- - End Of File - - 391C9F8E5DCE7F69C973D8015D1F535C

Trosku jste to popletl, tam neni navod k aplikovani a pak se obraceni na nase stranky, tam je to obracene. O tom navodu samozrejme vim, jelikoz jeho preklad tvoril tym naseho fora

Použití ComboFixu

Pokud potřebujete asistenci při odvirovávání počítače, úplně nejdříve si založte vlastní téma na některém z internetových fór uvedených ke konci tohoto návodu a na něm požádejte o pomoc. Na každém z těchto fór platí rozdílná pravidla a skutečnosti, jimiž je třeba se řídit, proto si vždy pročtěte tamější důležité informace a oznámení, abyste věděli, jak přesně máte postupovat. Pokud Vás rádce požádal o vytvoření logu z ComboFixu, ukážeme si nyní, jak jeden takový zhotovit.

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

12:57:48.0080 4492 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:57:48.0745 4492 ============================================================
12:57:48.0745 4492 Current date / time: 2013/04/18 12:57:48.0745
12:57:48.0745 4492 SystemInfo:
12:57:48.0745 4492
12:57:48.0745 4492 OS Version: 6.1.7601 ServicePack: 1.0
12:57:48.0745 4492 Product type: Workstation
12:57:48.0746 4492 ComputerName: AIRFIREWALL
12:57:48.0746 4492 UserName: Vochy
12:57:48.0746 4492 Windows directory: C:\Windows
12:57:48.0746 4492 System windows directory: C:\Windows
12:57:48.0746 4492 Processor architecture: Intel x86
12:57:48.0746 4492 Number of processors: 3
12:57:48.0746 4492 Page size: 0x1000
12:57:48.0746 4492 Boot type: Normal boot
12:57:48.0746 4492 ============================================================
12:57:49.0585 4492 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:57:49.0656 4492 Drive \Device\Harddisk5\DR5 - Size: 0x3DF80000 (0.97 Gb), SectorSize: 0x200, Cylinders: 0x7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:57:49.0657 4492 ============================================================
12:57:49.0657 4492 \Device\Harddisk0\DR0:
12:57:49.0658 4492 MBR partitions:
12:57:49.0658 4492 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
12:57:49.0658 4492 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x247E7000
12:57:49.0658 4492 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x26019800, BlocksNum 0x2483E000
12:57:49.0658 4492 \Device\Harddisk5\DR5:
12:57:49.0659 4492 MBR partitions:
12:57:49.0659 4492 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x1EFBE0
12:57:49.0659 4492 ============================================================
12:57:49.0678 4492 C: <-> \Device\Harddisk0\DR0\Partition2
12:57:49.0708 4492 D: <-> \Device\Harddisk0\DR0\Partition3
12:57:49.0708 4492 ============================================================
12:57:49.0708 4492 Initialize success
12:57:49.0708 4492 ============================================================
12:58:15.0416 1788 ============================================================
12:58:15.0417 1788 Scan started
12:58:15.0417 1788 Mode: Manual; SigCheck; TDLFS;
12:58:15.0417 1788 ============================================================
12:58:15.0802 1788 ================ Scan system memory ========================
12:58:15.0802 1788 System memory - ok
12:58:15.0803 1788 ================ Scan services =============================
12:58:15.0902 1788 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:58:16.0026 1788 1394ohci - ok
12:58:16.0084 1788 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:58:16.0101 1788 ACDaemon - ok
12:58:16.0111 1788 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:58:16.0125 1788 ACPI - ok
12:58:16.0133 1788 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:58:16.0187 1788 AcpiPmi - ok
12:58:16.0232 1788 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:58:16.0244 1788 AdobeARMservice - ok
12:58:16.0273 1788 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:58:16.0285 1788 AdobeFlashPlayerUpdateSvc - ok
12:58:16.0315 1788 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:58:16.0334 1788 adp94xx - ok
12:58:16.0350 1788 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:58:16.0365 1788 adpahci - ok
12:58:16.0380 1788 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:58:16.0394 1788 adpu320 - ok
12:58:16.0452 1788 [ 993F7B0BA5188A0007C085AA10257B8E ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
12:58:16.0466 1788 AdvancedSystemCareService6 - ok
12:58:16.0479 1788 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:58:16.0505 1788 AeLookupSvc - ok
12:58:16.0533 1788 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
12:58:16.0573 1788 AFD - ok
12:58:16.0601 1788 [ BCEB020D36634CADA07882E4C221E85E ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:58:16.0661 1788 AgereSoftModem - ok
12:58:16.0687 1788 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:58:16.0699 1788 agp440 - ok
12:58:16.0709 1788 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:58:16.0721 1788 aic78xx - ok
12:58:16.0730 1788 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
12:58:16.0757 1788 ALG - ok
12:58:16.0770 1788 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
12:58:16.0781 1788 aliide - ok
12:58:16.0798 1788 [ 60201AD353105D8C6796C1B69E6C49F0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:58:16.0835 1788 AMD External Events Utility - ok
12:58:16.0867 1788 AMD FUEL Service - ok
12:58:16.0879 1788 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:58:16.0890 1788 amdagp - ok
12:58:16.0901 1788 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
12:58:16.0912 1788 amdide - ok
12:58:16.0919 1788 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:58:16.0939 1788 AmdK8 - ok
12:58:17.0032 1788 [ 51610B74A9A1D84DC86FCE1019BEAFF4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:58:17.0158 1788 amdkmdag - ok
12:58:17.0175 1788 [ CD1D86AB81EECE67D7BD6F7EF9786CCC ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:58:17.0205 1788 amdkmdap - ok
12:58:17.0223 1788 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:58:17.0245 1788 AmdPPM - ok
12:58:17.0262 1788 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:58:17.0274 1788 amdsata - ok
12:58:17.0283 1788 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:58:17.0296 1788 amdsbs - ok
12:58:17.0308 1788 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:58:17.0319 1788 amdxata - ok
12:58:17.0337 1788 [ 66F4DE5876DC1A47BA1ACE909FA9AEEF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
12:58:17.0348 1788 AODDriver4.2 - ok
12:58:17.0371 1788 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
12:58:17.0453 1788 AppID - ok
12:58:17.0474 1788 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:58:17.0509 1788 AppIDSvc - ok
12:58:17.0531 1788 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
12:58:17.0576 1788 Appinfo - ok
12:58:17.0618 1788 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:58:17.0630 1788 arc - ok
12:58:17.0637 1788 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:58:17.0649 1788 arcsas - ok
12:58:17.0683 1788 [ 1738EAC9C95AE14E471F51778940C111 ] ASLSvc C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
12:58:17.0699 1788 ASLSvc ( UnsignedFile.Multi.Generic ) - warning
12:58:17.0699 1788 ASLSvc - detected UnsignedFile.Multi.Generic (1)
12:58:17.0712 1788 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:58:17.0791 1788 AsyncMac - ok
12:58:17.0812 1788 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
12:58:17.0822 1788 atapi - ok
12:58:17.0843 1788 [ C7C4A32657EA691895DC5A270EB1DE77 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
12:58:17.0891 1788 AtiHDAudioService - ok
12:58:17.0903 1788 [ 430449D04B05348879244C9090D405B4 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:58:17.0914 1788 AtiHdmiService - ok
12:58:17.0998 1788 [ 51610B74A9A1D84DC86FCE1019BEAFF4 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:58:18.0058 1788 atikmdag - ok
12:58:18.0068 1788 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:58:18.0078 1788 AtiPcie - ok
12:58:18.0101 1788 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
12:58:18.0117 1788 atksgt - ok
12:58:18.0145 1788 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:58:18.0184 1788 AudioEndpointBuilder - ok
12:58:18.0204 1788 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:58:18.0228 1788 Audiosrv - ok
12:58:18.0340 1788 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
12:58:18.0464 1788 AVGIDSAgent - ok
12:58:18.0481 1788 [ EF67527CC2AD77D22AB1405C6470407E ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
12:58:18.0493 1788 AVGIDSDriver - ok
12:58:18.0521 1788 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys
12:58:18.0531 1788 AVGIDSFilter - ok
12:58:18.0556 1788 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
12:58:18.0566 1788 AVGIDSHX - ok
12:58:18.0586 1788 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
12:58:18.0597 1788 AVGIDSShim - ok
12:58:18.0619 1788 [ 6671345A6E2669AF1966BAF68EC5620F ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
12:58:18.0633 1788 Avgldx86 - ok
12:58:18.0651 1788 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
12:58:18.0661 1788 Avgmfx86 - ok
12:58:18.0692 1788 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
12:58:18.0702 1788 Avgrkx86 - ok
12:58:18.0734 1788 [ 1647C720358DCC98ACF51E597C461C4D ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
12:58:18.0749 1788 Avgtdix - ok
12:58:18.0767 1788 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:58:18.0779 1788 avgwd - ok
12:58:18.0794 1788 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:58:18.0819 1788 AxInstSV - ok
12:58:18.0843 1788 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:58:18.0859 1788 b06bdrv - ok
12:58:18.0872 1788 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:58:18.0898 1788 b57nd60x - ok
12:58:18.0935 1788 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
12:58:18.0946 1788 BcmSqlStartupSvc - ok
12:58:18.0966 1788 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
12:58:18.0995 1788 BDESVC - ok
12:58:19.0006 1788 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
12:58:19.0029 1788 Beep - ok
12:58:19.0058 1788 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
12:58:19.0099 1788 BFE - ok
12:58:19.0126 1788 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
12:58:19.0183 1788 BITS - ok
12:58:19.0202 1788 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:58:19.0221 1788 blbdrive - ok
12:58:19.0243 1788 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:58:19.0275 1788 bowser - ok
12:58:19.0284 1788 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:58:19.0337 1788 BrFiltLo - ok
12:58:19.0349 1788 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:58:19.0375 1788 BrFiltUp - ok
12:58:19.0401 1788 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:58:19.0425 1788 BridgeMP - ok
12:58:19.0454 1788 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
12:58:19.0484 1788 Browser - ok
12:58:19.0505 1788 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:58:19.0530 1788 Brserid - ok
12:58:19.0547 1788 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:58:19.0569 1788 BrSerWdm - ok
12:58:19.0582 1788 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:58:19.0595 1788 BrUsbMdm - ok
12:58:19.0604 1788 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:58:19.0616 1788 BrUsbSer - ok
12:58:19.0621 1788 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:58:19.0651 1788 BTHMODEM - ok
12:58:19.0676 1788 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
12:58:19.0714 1788 bthserv - ok
12:58:19.0744 1788 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
12:58:19.0755 1788 Capture Device Service - ok
12:58:19.0797 1788 catchme - ok
12:58:19.0809 1788 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:58:19.0846 1788 cdfs - ok
12:58:19.0867 1788 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:58:19.0890 1788 cdrom - ok
12:58:19.0914 1788 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
12:58:19.0947 1788 CertPropSvc - ok
12:58:19.0964 1788 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:58:19.0977 1788 circlass - ok
12:58:19.0991 1788 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
12:58:20.0006 1788 CLFS - ok
12:58:20.0062 1788 [ 4642B5A3E0D2E61D08163DE95FC5B949 ] CLKMSVC10_E92D8507 C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
12:58:20.0076 1788 CLKMSVC10_E92D8507 - ok
12:58:20.0118 1788 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:58:20.0129 1788 clr_optimization_v2.0.50727_32 - ok
12:58:20.0162 1788 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:58:20.0175 1788 clr_optimization_v4.0.30319_32 - ok
12:58:20.0184 1788 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:58:20.0211 1788 CmBatt - ok
12:58:20.0226 1788 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:58:20.0237 1788 cmdide - ok
12:58:20.0270 1788 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
12:58:20.0293 1788 CNG - ok
12:58:20.0299 1788 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:58:20.0311 1788 Compbatt - ok
12:58:20.0328 1788 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:58:20.0358 1788 CompositeBus - ok
12:58:20.0361 1788 COMSysApp - ok
12:58:20.0376 1788 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:58:20.0388 1788 crcdisk - ok
12:58:20.0416 1788 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:58:20.0440 1788 CryptSvc - ok
12:58:20.0462 1788 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:58:20.0498 1788 DcomLaunch - ok
12:58:20.0522 1788 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
12:58:20.0556 1788 defragsvc - ok
12:58:20.0575 1788 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:58:20.0608 1788 DfsC - ok
12:58:20.0655 1788 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
12:58:20.0667 1788 dg_ssudbus - ok
12:58:20.0691 1788 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:58:20.0718 1788 Dhcp - ok
12:58:20.0734 1788 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
12:58:20.0767 1788 discache - ok
12:58:20.0785 1788 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:58:20.0797 1788 Disk - ok
12:58:20.0819 1788 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:58:20.0843 1788 Dnscache - ok
12:58:20.0870 1788 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
12:58:20.0909 1788 dot3svc - ok
12:58:20.0938 1788 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
12:58:20.0969 1788 DPS - ok
12:58:20.0980 1788 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:58:21.0001 1788 drmkaud - ok
12:58:21.0031 1788 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:58:21.0063 1788 DXGKrnl - ok
12:58:21.0079 1788 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
12:58:21.0103 1788 EapHost - ok
12:58:21.0158 1788 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
12:58:21.0244 1788 ebdrv - ok
12:58:21.0262 1788 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
12:58:21.0281 1788 EFS - ok
12:58:21.0324 1788 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:58:21.0364 1788 ehRecvr - ok
12:58:21.0384 1788 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
12:58:21.0405 1788 ehSched - ok
12:58:21.0428 1788 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:58:21.0449 1788 elxstor - ok
12:58:21.0469 1788 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:58:21.0491 1788 ErrDev - ok
12:58:21.0525 1788 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
12:58:21.0550 1788 EventSystem - ok
12:58:21.0586 1788 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
12:58:21.0608 1788 ew_hwusbdev - ok
12:58:21.0631 1788 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
12:58:21.0657 1788 ew_usbenumfilter - ok
12:58:21.0674 1788 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
12:58:21.0709 1788 exfat - ok
12:58:21.0726 1788 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:58:21.0763 1788 fastfat - ok
12:58:21.0789 1788 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
12:58:21.0824 1788 Fax - ok
12:58:21.0839 1788 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:58:21.0861 1788 fdc - ok
12:58:21.0879 1788 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
12:58:21.0917 1788 fdPHost - ok
12:58:21.0935 1788 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
12:58:21.0958 1788 FDResPub - ok
12:58:21.0963 1788 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:58:21.0975 1788 FileInfo - ok
12:58:22.0026 1788 [ F10D002C2F961950FF8B01AFBF3828D1 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
12:58:22.0036 1788 FileMonitor - ok
12:58:22.0043 1788 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:58:22.0065 1788 Filetrace - ok
12:58:22.0091 1788 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:58:22.0128 1788 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:58:22.0128 1788 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:58:22.0141 1788 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:58:22.0167 1788 flpydisk - ok
12:58:22.0187 1788 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:58:22.0201 1788 FltMgr - ok
12:58:22.0235 1788 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
12:58:22.0279 1788 FontCache - ok
12:58:22.0318 1788 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:58:22.0328 1788 FontCache3.0.0.0 - ok
12:58:22.0341 1788 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:58:22.0353 1788 FsDepends - ok
12:58:22.0367 1788 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:58:22.0377 1788 fssfltr - ok
12:58:22.0431 1788 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
12:58:22.0473 1788 fsssvc - ok
12:58:22.0491 1788 [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
12:58:22.0496 1788 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
12:58:22.0496 1788 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
12:58:22.0512 1788 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:58:22.0524 1788 Fs_Rec - ok
12:58:22.0557 1788 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:58:22.0574 1788 fvevol - ok
12:58:22.0582 1788 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:58:22.0593 1788 gagp30kx - ok
12:58:22.0618 1788 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
12:58:22.0652 1788 gpsvc - ok
12:58:22.0693 1788 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files\Acer\Registration\GregHSRW.exe
12:58:22.0727 1788 Greg_Service - ok
12:58:22.0773 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:58:22.0784 1788 gupdate - ok
12:58:22.0789 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:58:22.0799 1788 gupdatem - ok
12:58:22.0814 1788 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:58:22.0835 1788 hcw85cir - ok
12:58:22.0863 1788 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:58:22.0880 1788 HdAudAddService - ok
12:58:22.0894 1788 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:58:22.0908 1788 HDAudBus - ok
12:58:22.0912 1788 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:58:22.0936 1788 HidBatt - ok
12:58:22.0948 1788 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:58:22.0968 1788 HidBth - ok
12:58:22.0985 1788 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:58:23.0011 1788 HidIr - ok
12:58:23.0031 1788 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
12:58:23.0063 1788 hidserv - ok
12:58:23.0081 1788 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:58:23.0107 1788 HidUsb - ok
12:58:23.0128 1788 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:58:23.0162 1788 hkmsvc - ok
12:58:23.0181 1788 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:58:23.0214 1788 HomeGroupListener - ok
12:58:23.0236 1788 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:58:23.0257 1788 HomeGroupProvider - ok
12:58:23.0273 1788 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:58:23.0285 1788 HpSAMD - ok
12:58:23.0309 1788 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:58:23.0338 1788 HTTP - ok
12:58:23.0368 1788 [ B73B6816BE98F6CAE539EB458626C411 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
12:58:23.0394 1788 huawei_cdcacm - ok
12:58:23.0412 1788 [ 12CA899F967E6B6F14E080705DF68932 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
12:58:23.0484 1788 huawei_enumerator - ok
12:58:23.0514 1788 [ AB58FF5B1A2B23C751E29975081E8015 ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
12:58:23.0541 1788 huawei_ext_ctrl - ok
12:58:23.0560 1788 [ 3DE02030C22EB5916A3D2A1CEA01B234 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
12:58:23.0581 1788 huawei_wwanecm - ok
12:58:23.0603 1788 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:58:23.0614 1788 hwpolicy - ok
12:58:23.0630 1788 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:58:23.0685 1788 i8042prt - ok
12:58:23.0704 1788 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:58:23.0720 1788 iaStorV - ok
12:58:23.0752 1788 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:58:23.0784 1788 idsvc - ok
12:58:23.0805 1788 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:58:23.0817 1788 iirsp - ok
12:58:23.0839 1788 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
12:58:23.0891 1788 IKEEXT - ok
12:58:23.0921 1788 [ 1F0AEDCBD294A0A3B479896B278AD343 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
12:58:23.0939 1788 IMFservice - ok
12:58:23.0999 1788 [ 134A2F1211EBDCC6C061A5BC426A55AE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:58:24.0071 1788 IntcAzAudAddService - ok
12:58:24.0090 1788 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
12:58:24.0101 1788 intelide - ok
12:58:24.0114 1788 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:58:24.0140 1788 intelppm - ok
12:58:24.0166 1788 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:58:24.0201 1788 IPBusEnum - ok
12:58:24.0216 1788 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:58:24.0239 1788 IpFilterDriver - ok
12:58:24.0270 1788 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:58:24.0322 1788 iphlpsvc - ok
12:58:24.0333 1788 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:58:24.0358 1788 IPMIDRV - ok
12:58:24.0378 1788 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:58:24.0401 1788 IPNAT - ok
12:58:24.0410 1788 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:58:24.0440 1788 IRENUM - ok
12:58:24.0452 1788 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:58:24.0464 1788 isapnp - ok
12:58:24.0480 1788 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:58:24.0495 1788 iScsiPrt - ok
12:58:24.0509 1788 [ 76F9267AB1223A5EA5230625A0031BDC ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys
12:58:24.0527 1788 IT9135BDA - ok
12:58:24.0541 1788 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:58:24.0552 1788 kbdclass - ok
12:58:24.0561 1788 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:58:24.0573 1788 kbdhid - ok
12:58:24.0579 1788 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
12:58:24.0592 1788 KeyIso - ok
12:58:24.0621 1788 [ 54C3B8E2C5D5C28FCF2C968D577C3561 ] KmGameMouseServiceV1 C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe
12:58:24.0641 1788 KmGameMouseServiceV1 ( UnsignedFile.Multi.Generic ) - warning
12:58:24.0641 1788 KmGameMouseServiceV1 - detected UnsignedFile.Multi.Generic (1)
12:58:24.0656 1788 [ 769E2846280AEAD581227F6AB861FBC6 ] KMWDFilterV1 C:\Windows\System32\Drivers\RPGMOUSEV1.sys
12:58:24.0659 1788 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - warning
12:58:24.0659 1788 KMWDFilterV1 - detected UnsignedFile.Multi.Generic (1)
12:58:24.0683 1788 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:58:24.0695 1788 KSecDD - ok
12:58:24.0713 1788 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:58:24.0726 1788 KSecPkg - ok
12:58:24.0746 1788 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
12:58:24.0786 1788 KtmRm - ok
12:58:24.0817 1788 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
12:58:24.0855 1788 LanmanServer - ok
12:58:24.0883 1788 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:58:24.0918 1788 LanmanWorkstation - ok
12:58:24.0981 1788 [ 55AFD4A9D5ED4AD40D5215CCDF4D65F3 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
12:58:25.0042 1788 Lavasoft Ad-Aware Service - ok
12:58:25.0064 1788 [ 6C4A3804510AD8E0F0C07B5BE3D44DDB ] Lavasoft Kernexplorer C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
12:58:25.0074 1788 Lavasoft Kernexplorer - ok
12:58:25.0092 1788 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
12:58:25.0103 1788 lirsgt - ok
12:58:25.0116 1788 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:58:25.0150 1788 lltdio - ok
12:58:25.0181 1788 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:58:25.0216 1788 lltdsvc - ok
12:58:25.0233 1788 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
12:58:25.0264 1788 lmhosts - ok
12:58:25.0298 1788 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
12:58:25.0309 1788 lmimirr - ok
12:58:25.0313 1788 LMIRfsClientNP - ok
12:58:25.0325 1788 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
12:58:25.0336 1788 LMIRfsDriver - ok
12:58:25.0351 1788 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:58:25.0364 1788 LSI_FC - ok
12:58:25.0374 1788 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:58:25.0387 1788 LSI_SAS - ok
12:58:25.0394 1788 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:58:25.0405 1788 LSI_SAS2 - ok
12:58:25.0420 1788 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:58:25.0433 1788 LSI_SCSI - ok
12:58:25.0441 1788 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
12:58:25.0476 1788 luafv - ok
12:58:25.0497 1788 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys
12:58:25.0518 1788 MarvinBus - ok
12:58:25.0582 1788 [ 664C76BD160F1B65BA06089FDAC2D867 ] MbnExt C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll
12:58:25.0596 1788 MbnExt - ok
12:58:25.0619 1788 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:58:25.0633 1788 Mcx2Svc - ok
12:58:25.0646 1788 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:58:25.0657 1788 megasas - ok
12:58:25.0673 1788 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:58:25.0687 1788 MegaSR - ok
12:58:25.0743 1788 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:58:25.0754 1788 Microsoft Office Groove Audit Service - ok
12:58:25.0774 1788 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
12:58:25.0798 1788 MMCSS - ok
12:58:25.0802 1788 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
12:58:25.0824 1788 Modem - ok
12:58:25.0839 1788 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:58:25.0859 1788 monitor - ok
12:58:25.0877 1788 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:58:25.0888 1788 mouclass - ok
12:58:25.0896 1788 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:58:25.0922 1788 mouhid - ok
12:58:25.0950 1788 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:58:25.0962 1788 mountmgr - ok
12:58:25.0987 1788 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:58:26.0000 1788 MozillaMaintenance - ok
12:58:26.0017 1788 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
12:58:26.0030 1788 mpio - ok
12:58:26.0040 1788 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:58:26.0077 1788 mpsdrv - ok
12:58:26.0102 1788 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:58:26.0138 1788 MpsSvc - ok
12:58:26.0161 1788 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:58:26.0177 1788 MRxDAV - ok
12:58:26.0205 1788 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:58:26.0246 1788 mrxsmb - ok
12:58:26.0274 1788 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:58:26.0298 1788 mrxsmb10 - ok
12:58:26.0311 1788 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:58:26.0323 1788 mrxsmb20 - ok
12:58:26.0344 1788 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
12:58:26.0356 1788 msahci - ok
12:58:26.0367 1788 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:58:26.0380 1788 msdsm - ok
12:58:26.0397 1788 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
12:58:26.0425 1788 MSDTC - ok
12:58:26.0449 1788 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:58:26.0498 1788 Msfs - ok
12:58:26.0510 1788 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:58:26.0547 1788 mshidkmdf - ok
12:58:26.0575 1788 [ 2F51C135AC2B81F5242C20A47C307CBE ] MSILiveVirtualCamera C:\Windows\system32\DRIVERS\MSILiveVirtualCamera.sys
12:58:26.0594 1788 MSILiveVirtualCamera - ok
12:58:26.0614 1788 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:58:26.0625 1788 msisadrv - ok
12:58:26.0639 1788 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:58:26.0671 1788 MSiSCSI - ok
12:58:26.0675 1788 msiserver - ok
12:58:26.0689 1788 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:58:26.0711 1788 MSKSSRV - ok
12:58:26.0722 1788 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:58:26.0753 1788 MSPCLOCK - ok
12:58:26.0767 1788 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:58:26.0798 1788 MSPQM - ok
12:58:26.0814 1788 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:58:26.0826 1788 MsRPC - ok
12:58:26.0837 1788 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:58:26.0848 1788 mssmbios - ok
12:58:26.0887 1788 MSSQL$MSSMLBIZ - ok
12:58:26.0911 1788 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:58:26.0921 1788 MSSQLServerADHelper - ok
12:58:26.0936 1788 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:58:26.0958 1788 MSTEE - ok
12:58:26.0973 1788 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:58:26.0992 1788 MTConfig - ok
12:58:26.0997 1788 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:58:27.0008 1788 Mup - ok
12:58:27.0034 1788 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
12:58:27.0073 1788 napagent - ok
12:58:27.0096 1788 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:58:27.0113 1788 NativeWifiP - ok
12:58:27.0149 1788 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:58:27.0182 1788 NDIS - ok
12:58:27.0191 1788 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:58:27.0214 1788 NdisCap - ok
12:58:27.0226 1788 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:58:27.0263 1788 NdisTapi - ok
12:58:27.0288 1788 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:58:27.0324 1788 Ndisuio - ok
12:58:27.0349 1788 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:58:27.0379 1788 NdisWan - ok
12:58:27.0399 1788 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:58:27.0434 1788 NDProxy - ok
12:58:27.0484 1788 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:58:27.0517 1788 Nero BackItUp Scheduler 4.0 - ok
12:58:27.0526 1788 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:58:27.0564 1788 NetBIOS - ok
12:58:27.0595 1788 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:58:27.0618 1788 NetBT - ok
12:58:27.0629 1788 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
12:58:27.0640 1788 Netlogon - ok
12:58:27.0663 1788 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:58:27.0689 1788 Netman - ok
12:58:27.0703 1788 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:58:27.0738 1788 netprofm - ok
12:58:27.0766 1788 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:58:27.0778 1788 NetTcpPortSharing - ok
12:58:27.0792 1788 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:58:27.0803 1788 nfrd960 - ok
12:58:27.0828 1788 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:58:27.0851 1788 NlaSvc - ok
12:58:27.0878 1788 [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
12:58:27.0901 1788 nmwcd - ok
12:58:27.0914 1788 [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
12:58:27.0937 1788 nmwcdc - ok
12:58:27.0958 1788 [ 4F0DE685A96DC843CCC8A861B3FAC12D ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys
12:58:27.0982 1788 nmwcdnsu - ok
12:58:28.0010 1788 [ 578117C0C0CF10D99C8853E83C4BC63C ] nmwcdnsuc C:\Windows\system32\drivers\nmwcdnsuc.sys
12:58:28.0045 1788 nmwcdnsuc - ok
12:58:28.0049 1788 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:58:28.0072 1788 Npfs - ok
12:58:28.0091 1788 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:58:28.0115 1788 nsi - ok
12:58:28.0128 1788 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:58:28.0165 1788 nsiproxy - ok
12:58:28.0221 1788 [ 9CDAEBE5160B9AF02AE17C62BDB6C4B5 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:58:28.0256 1788 Ntfs - ok
12:58:28.0288 1788 [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:58:28.0297 1788 NTI IScheduleSvc - ok
12:58:28.0302 1788 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:58:28.0312 1788 NTIDrvr - ok
12:58:28.0325 1788 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:58:28.0363 1788 Null - ok
12:58:28.0382 1788 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:58:28.0394 1788 nvraid - ok
12:58:28.0413 1788 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:58:28.0427 1788 nvstor - ok
12:58:28.0442 1788 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:58:28.0454 1788 nv_agp - ok
12:58:28.0496 1788 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:58:28.0516 1788 odserv - ok
12:58:28.0535 1788 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:58:28.0560 1788 ohci1394 - ok
12:58:28.0585 1788 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:58:28.0597 1788 ose - ok
12:58:28.0644 1788 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:58:28.0676 1788 p2pimsvc - ok
12:58:28.0712 1788 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:58:28.0740 1788 p2psvc - ok
12:58:28.0779 1788 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:58:28.0804 1788 Parport - ok
12:58:28.0828 1788 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:58:28.0840 1788 partmgr - ok
12:58:28.0849 1788 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:58:28.0861 1788 Parvdm - ok
12:58:28.0875 1788 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:58:28.0891 1788 PcaSvc - ok
12:58:28.0907 1788 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:58:28.0932 1788 pccsmcfd - ok
12:58:28.0953 1788 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
12:58:28.0966 1788 pci - ok
12:58:28.0984 1788 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
12:58:28.0995 1788 pciide - ok
12:58:29.0016 1788 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\Windows\system32\drivers\pclepci.sys
12:58:29.0032 1788 PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
12:58:29.0032 1788 PCLEPCI - detected UnsignedFile.Multi.Generic (1)
12:58:29.0050 1788 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:58:29.0064 1788 pcmcia - ok
12:58:29.0076 1788 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:58:29.0088 1788 pcw - ok
12:58:29.0102 1788 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:58:29.0142 1788 PEAUTH - ok
12:58:29.0196 1788 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
12:58:29.0264 1788 pla - ok
12:58:29.0293 1788 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:58:29.0317 1788 PlugPlay - ok
12:58:29.0337 1788 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:58:29.0362 1788 PNRPAutoReg - ok
12:58:29.0385 1788 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:58:29.0399 1788 PNRPsvc - ok
12:58:29.0418 1788 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:58:29.0452 1788 PolicyAgent - ok
12:58:29.0487 1788 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:58:29.0510 1788 Power - ok
12:58:29.0521 1788 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:58:29.0552 1788 PptpMiniport - ok
12:58:29.0565 1788 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:58:29.0577 1788 Processor - ok
12:58:29.0605 1788 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:58:29.0630 1788 ProfSvc - ok
12:58:29.0645 1788 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:58:29.0657 1788 ProtectedStorage - ok
12:58:29.0669 1788 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:58:29.0706 1788 Psched - ok
12:58:29.0729 1788 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:58:29.0740 1788 PSI_SVC_2 - ok
12:58:29.0767 1788 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:58:29.0813 1788 ql2300 - ok
12:58:29.0833 1788 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:58:29.0846 1788 ql40xx - ok
12:58:29.0861 1788 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:58:29.0890 1788 QWAVE - ok
12:58:29.0903 1788 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:58:29.0917 1788 QWAVEdrv - ok
12:58:29.0942 1788 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
12:58:29.0955 1788 RapiMgr - ok
12:58:29.0963 1788 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:58:29.0996 1788 RasAcd - ok
12:58:30.0021 1788 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:58:30.0052 1788 RasAgileVpn - ok
12:58:30.0068 1788 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:58:30.0092 1788 RasAuto - ok
12:58:30.0106 1788 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:58:30.0141 1788 Rasl2tp - ok
12:58:30.0171 1788 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:58:30.0208 1788 RasMan - ok
12:58:30.0227 1788 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:58:30.0250 1788 RasPppoe - ok
12:58:30.0255 1788 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:58:30.0285 1788 RasSstp - ok
12:58:30.0302 1788 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:58:30.0338 1788 rdbss - ok
12:58:30.0352 1788 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:58:30.0365 1788 rdpbus - ok
12:58:30.0383 1788 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:58:30.0414 1788 RDPCDD - ok
12:58:30.0434 1788 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:58:30.0465 1788 RDPENCDD - ok
12:58:30.0481 1788 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:58:30.0514 1788 RDPREFMP - ok
12:58:30.0540 1788 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:58:30.0552 1788 RdpVideoMiniport - ok
12:58:30.0587 1788 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:58:30.0619 1788 RDPWD - ok
12:58:30.0651 1788 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:58:30.0665 1788 rdyboost - ok
12:58:30.0700 1788 [ 349447385B15FCE50E5E964CC5C1A8D6 ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
12:58:30.0710 1788 RegFilter - ok
12:58:30.0733 1788 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:58:30.0771 1788 RemoteAccess - ok
12:58:30.0801 1788 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:58:30.0836 1788 RemoteRegistry - ok
12:58:30.0851 1788 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:58:30.0895 1788 RpcEptMapper - ok
12:58:30.0915 1788 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:58:30.0943 1788 RpcLocator - ok
12:58:30.0970 1788 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:58:30.0995 1788 RpcSs - ok
12:58:31.0009 1788 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:58:31.0048 1788 rspndr - ok
12:58:31.0062 1788 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
12:58:31.0073 1788 SamSs - ok
12:58:31.0090 1788 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:58:31.0102 1788 sbp2port - ok
12:58:31.0112 1788 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:58:31.0143 1788 SCardSvr - ok
12:58:31.0166 1788 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:58:31.0198 1788 scfilter - ok
12:58:31.0229 1788 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:58:31.0268 1788 Schedule - ok
12:58:31.0289 1788 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:58:31.0311 1788 SCPolicySvc - ok
12:58:31.0337 1788 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:58:31.0360 1788 SDRSVC - ok
12:58:31.0389 1788 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:58:31.0423 1788 secdrv - ok
12:58:31.0447 1788 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:58:31.0482 1788 seclogon - ok
12:58:31.0536 1788 [ D7F978C1B6387544FE132EB5B915ED1A ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
12:58:31.0571 1788 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning
12:58:31.0571 1788 SecureStorageService - detected UnsignedFile.Multi.Generic (1)
12:58:31.0585 1788 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
12:58:31.0620 1788 SENS - ok
12:58:31.0626 1788 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:58:31.0647 1788 SensrSvc - ok
12:58:31.0652 1788 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:58:31.0671 1788 Serenum - ok
12:58:31.0691 1788 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:58:31.0713 1788 Serial - ok
12:58:31.0732 1788 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:58:31.0743 1788 sermouse - ok
12:58:31.0782 1788 [ 668043F192AB9659761A349A4703600D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:58:31.0812 1788 ServiceLayer - ok
12:58:31.0844 1788 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:58:31.0886 1788 SessionEnv - ok
12:58:31.0906 1788 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:58:31.0943 1788 sffdisk - ok
12:58:31.0961 1788 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:58:31.0985 1788 sffp_mmc - ok
12:58:32.0001 1788 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:58:32.0013 1788 sffp_sd - ok
12:58:32.0022 1788 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:58:32.0041 1788 sfloppy - ok
12:58:32.0076 1788 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:58:32.0115 1788 SharedAccess - ok
12:58:32.0140 1788 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:58:32.0176 1788 ShellHWDetection - ok
12:58:32.0201 1788 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:58:32.0213 1788 sisagp - ok
12:58:32.0223 1788 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:58:32.0235 1788 SiSRaid2 - ok
12:58:32.0250 1788 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:58:32.0263 1788 SiSRaid4 - ok
12:58:32.0313 1788 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:58:32.0324 1788 SkypeUpdate - ok
12:58:32.0351 1788 [ BF302072DC8374CF4E118FD88AA817A2 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
12:58:32.0360 1788 SmartDefragDriver - ok
12:58:32.0374 1788 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:58:32.0397 1788 Smb - ok
12:58:32.0424 1788 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:58:32.0449 1788 SNMPTRAP - ok
12:58:32.0520 1788 [ CB403D702D0C6B558CF656646E71DB7F ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
12:58:32.0596 1788 SNP2UVC - ok
12:58:32.0613 1788 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:58:32.0624 1788 spldr - ok
12:58:32.0658 1788 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:58:32.0684 1788 Spooler - ok
12:58:32.0748 1788 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:58:32.0841 1788 sppsvc - ok
12:58:32.0867 1788 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:58:32.0902 1788 sppuinotify - ok
12:58:32.0933 1788 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
12:58:32.0933 1788 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
12:58:32.0936 1788 sptd ( LockedFile.Multi.Generic ) - warning
12:58:32.0936 1788 sptd - detected LockedFile.Multi.Generic (1)
12:58:32.0953 1788 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:58:32.0965 1788 SQLBrowser - ok
12:58:32.0985 1788 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:58:32.0995 1788 SQLWriter - ok
12:58:33.0019 1788 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:58:33.0054 1788 srv - ok
12:58:33.0071 1788 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:58:33.0086 1788 srv2 - ok
12:58:33.0097 1788 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:58:33.0109 1788 srvnet - ok
12:58:33.0129 1788 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:58:33.0166 1788 SSDPSRV - ok
12:58:33.0184 1788 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:58:33.0207 1788 SstpSvc - ok
12:58:33.0236 1788 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
12:58:33.0248 1788 ssudmdm - ok
12:58:33.0268 1788 [ 54946449A0EB74915A4BB34F7EE51A5A ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
12:58:33.0280 1788 ss_bus - ok
12:58:33.0304 1788 [ 4450BC0B2E9D7D9B90E3C3DE4EA00A78 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
12:58:33.0313 1788 ss_mdfl - ok
12:58:33.0337 1788 [ 30B8D0DD01EAD1243F329CAF7D7D1517 ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
12:58:33.0349 1788 ss_mdm - ok
12:58:33.0361 1788 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
12:58:33.0365 1788 StarOpen ( UnsignedFile.Multi.Generic ) - warning
12:58:33.0365 1788 StarOpen - detected UnsignedFile.Multi.Generic (1)
12:58:33.0393 1788 Steam Client Service - ok
12:58:33.0413 1788 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:58:33.0424 1788 stexstor - ok
12:58:33.0454 1788 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:58:33.0500 1788 StiSvc - ok
12:58:33.0526 1788 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:58:33.0538 1788 swenum - ok
12:58:33.0577 1788 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:58:33.0593 1788 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:58:33.0593 1788 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:58:33.0609 1788 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:58:33.0649 1788 swprv - ok
12:58:33.0683 1788 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:58:33.0717 1788 SysMain - ok
12:58:33.0740 1788 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:58:33.0770 1788 TabletInputService - ok
12:58:33.0796 1788 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:58:33.0831 1788 TapiSrv - ok
12:58:33.0858 1788 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:58:33.0882 1788 TBS - ok
12:58:33.0923 1788 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:58:33.0968 1788 Tcpip - ok
12:58:33.0995 1788 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:58:34.0021 1788 TCPIP6 - ok
12:58:34.0041 1788 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:58:34.0062 1788 tcpipreg - ok
12:58:34.0093 1788 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:58:34.0112 1788 TDPIPE - ok
12:58:34.0139 1788 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:58:34.0159 1788 TDTCP - ok
12:58:34.0175 1788 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:58:34.0206 1788 tdx - ok
12:58:34.0323 1788 [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
12:58:34.0376 1788 TeamViewer8 - ok
12:58:34.0413 1788 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
12:58:34.0435 1788 teamviewervpn - ok
12:58:34.0453 1788 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:58:34.0465 1788 TermDD - ok
12:58:34.0493 1788 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:58:34.0543 1788 TermService - ok
12:58:34.0566 1788 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:58:34.0594 1788 Themes - ok
12:58:34.0607 1788 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:58:34.0631 1788 THREADORDER - ok
12:58:34.0654 1788 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:58:34.0693 1788 TrkWks - ok
12:58:34.0742 1788 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:58:34.0781 1788 TrustedInstaller - ok
12:58:34.0799 1788 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:58:34.0835 1788 tssecsrv - ok
12:58:34.0861 1788 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:58:34.0873 1788 TsUsbFlt - ok
12:58:34.0892 1788 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:58:34.0924 1788 tunnel - ok
12:58:34.0954 1788 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:58:34.0967 1788 uagp35 - ok
12:58:34.0981 1788 [ D79C0B9BB011218B93705CBF77FA3E5E ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:58:34.0991 1788 UBHelper - ok
12:58:35.0015 1788 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:58:35.0039 1788 udfs - ok
12:58:35.0053 1788 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:58:35.0080 1788 UI0Detect - ok
12:58:35.0138 1788 [ 45DC49296C70BC7990863ACA79B7D907 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:58:35.0147 1788 UleadBurningHelper - ok
12:58:35.0163 1788 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:58:35.0175 1788 uliagpkx - ok
12:58:35.0192 1788 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:58:35.0217 1788 umbus - ok
12:58:35.0232 1788 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:58:35.0256 1788 UmPass - ok
12:58:35.0307 1788 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:58:35.0320 1788 Updater Service - ok
12:58:35.0331 1788 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:58:35.0369 1788 upnphost - ok
12:58:35.0389 1788 [ 78B74AF8727A28C128E164E9B53A5413 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:58:35.0432 1788 upperdev - ok
12:58:35.0459 1788 [ 50FAFF9AD8E9B25D067628CA01AAC8B6 ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
12:58:35.0469 1788 UrlFilter - ok
12:58:35.0490 1788 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:58:35.0504 1788 usbaudio - ok
12:58:35.0521 1788 [ CCCECE399B1990D63BFC8DE8161DD838 ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys
12:58:35.0543 1788 usbbus - ok
12:58:35.0574 1788 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:58:35.0587 1788 usbccgp - ok
12:58:35.0599 1788 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:58:35.0613 1788 usbcir - ok
12:58:35.0623 1788 [ B2EF4693E17404A178DA88318C5236B8 ] UsbDiag C:\Windows\system32\DRIVERS\lgusbdiag.sys
12:58:35.0633 1788 UsbDiag - ok
12:58:35.0656 1788 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:58:35.0667 1788 usbehci - ok
12:58:35.0692 1788 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:58:35.0719 1788 usbhub - ok
12:58:35.0738 1788 [ EB16939525ED91FB649EC68AFC865DCE ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys
12:58:35.0749 1788 USBModem - ok
12:58:35.0770 1788 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:58:35.0782 1788 usbohci - ok
12:58:35.0798 1788 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:58:35.0811 1788 usbprint - ok
12:58:35.0829 1788 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:58:35.0842 1788 usbscan - ok
12:58:35.0866 1788 [ 4F8FBC51A1C0A17310846B417A447F91 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:58:35.0898 1788 UsbserFilt - ok
12:58:35.0923 1788 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:58:35.0948 1788 USBSTOR - ok
12:58:35.0965 1788 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:58:35.0987 1788 usbuhci - ok
12:58:36.0004 1788 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:58:36.0027 1788 usbvideo - ok
12:58:36.0046 1788 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:58:36.0083 1788 UxSms - ok
12:58:36.0103 1788 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:58:36.0115 1788 VaultSvc - ok
12:58:36.0125 1788 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:58:36.0137 1788 vdrvroot - ok
12:58:36.0162 1788 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:58:36.0200 1788 vds - ok
12:58:36.0218 1788 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:58:36.0240 1788 vga - ok
12:58:36.0261 1788 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:58:36.0297 1788 VgaSave - ok
12:58:36.0321 1788 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:58:36.0335 1788 vhdmp - ok
12:58:36.0348 1788 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:58:36.0359 1788 viaagp - ok
12:58:36.0370 1788 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:58:36.0391 1788 ViaC7 - ok
12:58:36.0433 1788 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
12:58:36.0444 1788 viaide - ok
12:58:36.0454 1788 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:58:36.0465 1788 volmgr - ok
12:58:36.0477 1788 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:58:36.0492 1788 volmgrx - ok
12:58:36.0505 1788 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:58:36.0519 1788 volsnap - ok
12:58:36.0531 1788 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:58:36.0544 1788 vsmraid - ok
12:58:36.0578 1788 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
12:58:36.0641 1788 VSS - ok
12:58:36.0657 1788 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:58:36.0693 1788 vwifibus - ok
12:58:36.0717 1788 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:58:36.0760 1788 W32Time - ok
12:58:36.0782 1788 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:58:36.0803 1788 WacomPen - ok
12:58:36.0825 1788 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:58:36.0858 1788 WANARP - ok
12:58:36.0864 1788 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:58:36.0885 1788 Wanarpv6 - ok
12:58:36.0931 1788 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:58:36.0978 1788 WatAdminSvc - ok
12:58:37.0006 1788 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
12:58:37.0061 1788 wbengine - ok
12:58:37.0078 1788 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:58:37.0103 1788 WbioSrvc - ok
12:58:37.0131 1788 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
12:58:37.0147 1788 WcesComm - ok
12:58:37.0177 1788 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:58:37.0196 1788 wcncsvc - ok
12:58:37.0211 1788 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:58:37.0224 1788 WcsPlugInService - ok
12:58:37.0237 1788 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:58:37.0248 1788 Wd - ok
12:58:37.0283 1788 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:58:37.0308 1788 Wdf01000 - ok
12:58:37.0325 1788 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:58:37.0341 1788 WdiServiceHost - ok
12:58:37.0347 1788 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:58:37.0361 1788 WdiSystemHost - ok
12:58:37.0381 1788 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
12:58:37.0413 1788 WebClient - ok
12:58:37.0420 1788 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:58:37.0446 1788 Wecsvc - ok
12:58:37.0460 1788 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:58:37.0498 1788 wercplsupport - ok
12:58:37.0512 1788 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:58:37.0552 1788 WerSvc - ok
12:58:37.0569 1788 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:58:37.0592 1788 WfpLwf - ok
12:58:37.0602 1788 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:58:37.0613 1788 WIMMount - ok
12:58:37.0659 1788 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:58:37.0704 1788 WinDefend - ok
12:58:37.0714 1788 WinHttpAutoProxySvc - ok
12:58:37.0760 1788 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:58:37.0795 1788 Winmgmt - ok
12:58:37.0838 1788 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
12:58:37.0888 1788 WinRM - ok
12:58:37.0929 1788 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:58:37.0943 1788 WinUsb - ok
12:58:37.0972 1788 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:58:38.0020 1788 Wlansvc - ok
12:58:38.0066 1788 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:58:38.0076 1788 wlcrasvc - ok
12:58:38.0127 1788 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:58:38.0163 1788 wlidsvc - ok
12:58:38.0182 1788 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:58:38.0193 1788 WmiAcpi - ok
12:58:38.0214 1788 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:58:38.0227 1788 wmiApSrv - ok
12:58:38.0281 1788 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:58:38.0325 1788 WMPNetworkSvc - ok
12:58:38.0343 1788 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:58:38.0368 1788 WPCSvc - ok
12:58:38.0396 1788 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:58:38.0410 1788 WPDBusEnum - ok
12:58:38.0434 1788 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:58:38.0468 1788 ws2ifsl - ok
12:58:38.0487 1788 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
12:58:38.0517 1788 wscsvc - ok
12:58:38.0523 1788 WSearch - ok
12:58:38.0595 1788 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:58:38.0654 1788 wuauserv - ok
12:58:38.0683 1788 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:58:38.0695 1788 WudfPf - ok
12:58:38.0724 1788 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:58:38.0747 1788 WUDFRd - ok
12:58:38.0767 1788 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:58:38.0781 1788 wudfsvc - ok
12:58:38.0815 1788 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:58:38.0831 1788 WwanSvc - ok
12:58:38.0864 1788 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
12:58:38.0886 1788 yukonw7 - ok
12:58:38.0916 1788 ================ Scan global ===============================
12:58:38.0946 1788 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:58:38.0973 1788 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
12:58:38.0979 1788 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
12:58:38.0996 1788 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:58:39.0017 1788 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:58:39.0020 1788 [Global] - ok
12:58:39.0020 1788 ================ Scan MBR ==================================
12:58:39.0025 1788 [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0
12:58:41.0150 1788 \Device\Harddisk0\DR0 - ok
12:58:41.0158 1788 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
12:58:41.0352 1788 \Device\Harddisk5\DR5 - ok
12:58:41.0353 1788 ================ Scan VBR ==================================
12:58:41.0355 1788 [ C12843D16606F5D498EDA11884062555 ] \Device\Harddisk0\DR0\Partition1
12:58:41.0356 1788 \Device\Harddisk0\DR0\Partition1 - ok
12:58:41.0367 1788 [ 3A7EC513ECCE3A4E172927764F1216DF ] \Device\Harddisk0\DR0\Partition2
12:58:41.0368 1788 \Device\Harddisk0\DR0\Partition2 - ok
12:58:41.0381 1788 [ B9C85FF717FC3C14911A46E48F2AB6FA ] \Device\Harddisk0\DR0\Partition3
12:58:41.0382 1788 \Device\Harddisk0\DR0\Partition3 - ok
12:58:41.0386 1788 [ 2F8D0F2002D3E58202163B0A440D9BD3 ] \Device\Harddisk5\DR5\Partition1
12:58:41.0387 1788 \Device\Harddisk5\DR5\Partition1 - ok
12:58:41.0388 1788 ============================================================
12:58:41.0388 1788 Scan finished
12:58:41.0388 1788 ============================================================
12:58:41.0394 4452 Detected object count: 10
12:58:41.0394 4452 Actual detected object count: 10
12:58:59.0125 4452 ASLSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0125 4452 ASLSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0125 4452 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0125 4452 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0126 4452 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0126 4452 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0127 4452 KmGameMouseServiceV1 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0127 4452 KmGameMouseServiceV1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0128 4452 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0128 4452 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0129 4452 PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0129 4452 PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0130 4452 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0130 4452 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0131 4452 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:58:59.0131 4452 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:58:59.0132 4452 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0132 4452 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:59.0133 4452 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:59.0133 4452 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

Vypada to na falesnou detekci AVG, co jsem cetl i na jinych forech

Trvate na AVG, u nas neni moc obliben - vyssi zatez systemu, slabsi detekci, spise takova parodie na antivir

Děkuji Vám za ochotu,
Jen jestli by jste mi mohl teda doporučit jaký free antivir použít?
Na notebooku mám týden poslední Avast, takže ho vlastně zkouším, ale zdá se mi, že zpomaluje ještě víc jak Avg.
Děkuji

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Avast patri mezi spicku bezpecnostiho SW, mezi free asi k nejlepsimu co jde sehnat

A pokud nejsou problemy ci dotazy, je to z me strany vse

Děkuji za pomoc a přeji hodně dalších úspěchů ve světě havěti.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat